source: Daodan/MSYS2/mingw32/i686-w64-mingw32/include/ntsecapi.h@ 1167

Last change on this file since 1167 was 1166, checked in by rossy, 3 years ago

Daodan: Replace MinGW build env with an up-to-date MSYS2 env

File size: 93.1 KB
Line 
1/**
2 * This file has no copyright assigned and is placed in the Public Domain.
3 * This file is part of the mingw-w64 runtime package.
4 * No warranty is given; refer to the file DISCLAIMER.PD within this package.
5 */
6
7#ifdef DEFINE_GUID
8
9#if !defined(INITGUID) || !defined(Audit_System_SecurityStateChange_defined)
10DEFINE_GUID(Audit_System_SecurityStateChange, 0x0cce9210, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
11#ifdef INITGUID
12#define Audit_System_SecurityStateChange_defined
13#endif
14#endif
15
16#if !defined(INITGUID) || !defined(Audit_System_SecuritySubsystemExtension_defined)
17DEFINE_GUID(Audit_System_SecuritySubsystemExtension, 0x0cce9211, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
18#ifdef INITGUID
19#define Audit_System_SecuritySubsystemExtension_defined
20#endif
21#endif
22
23#if !defined(INITGUID) || !defined(Audit_System_Integrity_defined)
24DEFINE_GUID(Audit_System_Integrity, 0x0cce9212, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
25#ifdef INITGUID
26#define Audit_System_Integrity_defined
27#endif
28#endif
29
30#if !defined(INITGUID) || !defined(Audit_System_IPSecDriverEvents_defined)
31DEFINE_GUID(Audit_System_IPSecDriverEvents, 0x0cce9213, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
32#ifdef INITGUID
33#define Audit_System_IPSecDriverEvents_defined
34#endif
35#endif
36
37#if !defined(INITGUID) || !defined(Audit_System_Others_defined)
38DEFINE_GUID(Audit_System_Others, 0x0cce9214, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
39#ifdef INITGUID
40#define Audit_System_Others_defined
41#endif
42#endif
43
44#if !defined(INITGUID) || !defined(Audit_Logon_Logon_defined)
45DEFINE_GUID(Audit_Logon_Logon, 0x0cce9215, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
46#ifdef INITGUID
47#define Audit_Logon_Logon_defined
48#endif
49#endif
50
51#if !defined(INITGUID) || !defined(Audit_Logon_Logoff_defined)
52DEFINE_GUID(Audit_Logon_Logoff, 0x0cce9216, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
53#ifdef INITGUID
54#define Audit_Logon_Logoff_defined
55#endif
56#endif
57
58#if !defined(INITGUID) || !defined(Audit_Logon_AccountLockout_defined)
59DEFINE_GUID(Audit_Logon_AccountLockout, 0x0cce9217, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
60#ifdef INITGUID
61#define Audit_Logon_AccountLockout_defined
62#endif
63#endif
64
65#if !defined(INITGUID) || !defined(Audit_Logon_IPSecMainMode_defined)
66DEFINE_GUID(Audit_Logon_IPSecMainMode, 0x0cce9218, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
67#ifdef INITGUID
68#define Audit_Logon_IPSecMainMode_defined
69#endif
70#endif
71
72#if !defined(INITGUID) || !defined(Audit_Logon_IPSecQuickMode_defined)
73DEFINE_GUID(Audit_Logon_IPSecQuickMode, 0x0cce9219, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
74#ifdef INITGUID
75#define Audit_Logon_IPSecQuickMode_defined
76#endif
77#endif
78
79#if !defined(INITGUID) || !defined(Audit_Logon_IPSecUserMode_defined)
80DEFINE_GUID(Audit_Logon_IPSecUserMode, 0x0cce921a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
81#ifdef INITGUID
82#define Audit_Logon_IPSecUserMode_defined
83#endif
84#endif
85
86#if !defined(INITGUID) || !defined(Audit_Logon_SpecialLogon_defined)
87DEFINE_GUID(Audit_Logon_SpecialLogon, 0x0cce921b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
88#ifdef INITGUID
89#define Audit_Logon_SpecialLogon_defined
90#endif
91#endif
92
93#if !defined(INITGUID) || !defined(Audit_Logon_Others_defined)
94DEFINE_GUID(Audit_Logon_Others, 0x0cce921c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
95#ifdef INITGUID
96#define Audit_Logon_Others_defined
97#endif
98#endif
99
100#if !defined(INITGUID) || !defined(Audit_ObjectAccess_FileSystem_defined)
101DEFINE_GUID(Audit_ObjectAccess_FileSystem, 0x0cce921d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
102#ifdef INITGUID
103#define Audit_ObjectAccess_FileSystem_defined
104#endif
105#endif
106
107#if !defined(INITGUID) || !defined(Audit_ObjectAccess_Registry_defined)
108DEFINE_GUID(Audit_ObjectAccess_Registry, 0x0cce921e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
109#ifdef INITGUID
110#define Audit_ObjectAccess_Registry_defined
111#endif
112#endif
113
114#if !defined(INITGUID) || !defined(Audit_ObjectAccess_Kernel_defined)
115DEFINE_GUID(Audit_ObjectAccess_Kernel, 0x0cce921f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
116#ifdef INITGUID
117#define Audit_ObjectAccess_Kernel_defined
118#endif
119#endif
120
121#if !defined(INITGUID) || !defined(Audit_ObjectAccess_Sam_defined)
122DEFINE_GUID(Audit_ObjectAccess_Sam, 0x0cce9220, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
123#ifdef INITGUID
124#define Audit_ObjectAccess_Sam_defined
125#endif
126#endif
127
128#if !defined(INITGUID) || !defined(Audit_ObjectAccess_CertificationServices_defined)
129DEFINE_GUID(Audit_ObjectAccess_CertificationServices, 0x0cce9221, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
130#ifdef INITGUID
131#define Audit_ObjectAccess_CertificationServices_defined
132#endif
133#endif
134
135#if !defined(INITGUID) || !defined(Audit_ObjectAccess_ApplicationGenerated_defined)
136DEFINE_GUID(Audit_ObjectAccess_ApplicationGenerated, 0x0cce9222, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
137#ifdef INITGUID
138#define Audit_ObjectAccess_ApplicationGenerated_defined
139#endif
140#endif
141#if !defined(INITGUID) || !defined(Audit_ObjectAccess_Handle_defined)
142DEFINE_GUID(Audit_ObjectAccess_Handle, 0x0cce9223, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
143#ifdef INITGUID
144#define Audit_ObjectAccess_Handle_defined
145#endif
146#endif
147
148#if !defined(INITGUID) || !defined(Audit_ObjectAccess_Share_defined)
149DEFINE_GUID(Audit_ObjectAccess_Share, 0x0cce9224, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
150#ifdef INITGUID
151#define Audit_ObjectAccess_Share_defined
152#endif
153#endif
154
155#if !defined(INITGUID) || !defined(Audit_ObjectAccess_FirewallPacketDrops_defined)
156DEFINE_GUID(Audit_ObjectAccess_FirewallPacketDrops, 0x0cce9225, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
157#ifdef INITGUID
158#define Audit_ObjectAccess_FirewallPacketDrops_defined
159#endif
160#endif
161
162#if !defined(INITGUID) || !defined(Audit_ObjectAccess_FirewallConnection_defined)
163DEFINE_GUID(Audit_ObjectAccess_FirewallConnection, 0x0cce9226, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
164#ifdef INITGUID
165#define Audit_ObjectAccess_FirewallConnection_defined
166#endif
167#endif
168
169#if !defined(INITGUID) || !defined(Audit_ObjectAccess_Other_defined)
170DEFINE_GUID(Audit_ObjectAccess_Other, 0x0cce9227, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
171#ifdef INITGUID
172#define Audit_ObjectAccess_Other_defined
173#endif
174#endif
175
176#if !defined(INITGUID) || !defined(Audit_PrivilegeUse_Sensitive_defined)
177DEFINE_GUID(Audit_PrivilegeUse_Sensitive, 0x0cce9228, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
178#ifdef INITGUID
179#define Audit_PrivilegeUse_Sensitive_defined
180#endif
181#endif
182
183#if !defined(INITGUID) || !defined(Audit_PrivilegeUse_NonSensitive_defined)
184DEFINE_GUID(Audit_PrivilegeUse_NonSensitive, 0x0cce9229, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
185#ifdef INITGUID
186#define Audit_PrivilegeUse_NonSensitive_defined
187#endif
188#endif
189
190#if !defined(INITGUID) || !defined(Audit_PrivilegeUse_Others_defined)
191DEFINE_GUID(Audit_PrivilegeUse_Others, 0x0cce922a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
192#ifdef INITGUID
193#define Audit_PrivilegeUse_Others_defined
194#endif
195#endif
196
197#if !defined(INITGUID) || !defined(Audit_DetailedTracking_ProcessCreation_defined)
198DEFINE_GUID(Audit_DetailedTracking_ProcessCreation, 0x0cce922b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
199#ifdef INITGUID
200#define Audit_DetailedTracking_ProcessCreation_defined
201#endif
202#endif
203
204#if !defined(INITGUID) || !defined(Audit_DetailedTracking_ProcessTermination_defined)
205DEFINE_GUID(Audit_DetailedTracking_ProcessTermination, 0x0cce922c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
206#ifdef INITGUID
207#define Audit_DetailedTracking_ProcessTermination_defined
208#endif
209#endif
210
211#if !defined(INITGUID) || !defined(Audit_DetailedTracking_DpapiActivity_defined)
212DEFINE_GUID(Audit_DetailedTracking_DpapiActivity, 0x0cce922d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
213#ifdef INITGUID
214#define Audit_DetailedTracking_DpapiActivity_defined
215#endif
216#endif
217
218#if !defined(INITGUID) || !defined(Audit_DetailedTracking_RpcCall_defined)
219DEFINE_GUID(Audit_DetailedTracking_RpcCall, 0x0cce922e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
220#ifdef INITGUID
221#define Audit_DetailedTracking_RpcCall_defined
222#endif
223#endif
224
225#if !defined(INITGUID) || !defined(Audit_PolicyChange_AuditPolicy_defined)
226DEFINE_GUID(Audit_PolicyChange_AuditPolicy, 0x0cce922f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
227#ifdef INITGUID
228#define Audit_PolicyChange_AuditPolicy_defined
229#endif
230#endif
231
232#if !defined(INITGUID) || !defined(Audit_PolicyChange_AuthenticationPolicy_defined)
233DEFINE_GUID(Audit_PolicyChange_AuthenticationPolicy, 0x0cce9230, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
234#ifdef INITGUID
235#define Audit_PolicyChange_AuthenticationPolicy_defined
236#endif
237#endif
238
239#if !defined(INITGUID) || !defined(Audit_PolicyChange_AuthorizationPolicy_defined)
240DEFINE_GUID(Audit_PolicyChange_AuthorizationPolicy, 0x0cce9231, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
241#ifdef INITGUID
242#define Audit_PolicyChange_AuthorizationPolicy_defined
243#endif
244#endif
245
246#if !defined(INITGUID) || !defined(Audit_PolicyChange_MpsscvRulePolicy_defined)
247DEFINE_GUID(Audit_PolicyChange_MpsscvRulePolicy, 0x0cce9232, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
248#ifdef INITGUID
249#define Audit_PolicyChange_MpsscvRulePolicy_defined
250#endif
251#endif
252
253#if !defined(INITGUID) || !defined(Audit_PolicyChange_WfpIPSecPolicy_defined)
254DEFINE_GUID(Audit_PolicyChange_WfpIPSecPolicy, 0x0cce9233, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
255#ifdef INITGUID
256#define Audit_PolicyChange_WfpIPSecPolicy_defined
257#endif
258#endif
259
260#if !defined(INITGUID) || !defined(Audit_PolicyChange_Others_defined)
261DEFINE_GUID(Audit_PolicyChange_Others, 0x0cce9234, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
262#ifdef INITGUID
263#define Audit_PolicyChange_Others_defined
264#endif
265#endif
266
267#if !defined(INITGUID) || !defined(Audit_AccountManagement_UserAccount_defined)
268DEFINE_GUID(Audit_AccountManagement_UserAccount, 0x0cce9235, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
269#ifdef INITGUID
270#define Audit_AccountManagement_UserAccount_defined
271#endif
272#endif
273
274#if !defined(INITGUID) || !defined(Audit_AccountManagement_ComputerAccount_defined)
275DEFINE_GUID(Audit_AccountManagement_ComputerAccount, 0x0cce9236, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
276#ifdef INITGUID
277#define Audit_AccountManagement_ComputerAccount_defined
278#endif
279#endif
280
281#if !defined(INITGUID) || !defined(Audit_AccountManagement_SecurityGroup_defined)
282DEFINE_GUID(Audit_AccountManagement_SecurityGroup, 0x0cce9237, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
283#ifdef INITGUID
284#define Audit_AccountManagement_SecurityGroup_defined
285#endif
286#endif
287
288#if !defined(INITGUID) || !defined(Audit_AccountManagement_DistributionGroup_defined)
289DEFINE_GUID(Audit_AccountManagement_DistributionGroup, 0x0cce9238, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
290#ifdef INITGUID
291#define Audit_AccountManagement_DistributionGroup_defined
292#endif
293#endif
294
295#if !defined(INITGUID) || !defined(Audit_AccountManagement_ApplicationGroup_defined)
296DEFINE_GUID(Audit_AccountManagement_ApplicationGroup, 0x0cce9239, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
297#ifdef INITGUID
298#define Audit_AccountManagement_ApplicationGroup_defined
299#endif
300#endif
301
302#if !defined(INITGUID) || !defined(Audit_AccountManagement_Others_defined)
303DEFINE_GUID(Audit_AccountManagement_Others, 0x0cce923a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
304#ifdef INITGUID
305#define Audit_AccountManagement_Others_defined
306#endif
307#endif
308
309#if !defined(INITGUID) || !defined(Audit_DSAccess_DSAccess_defined)
310DEFINE_GUID(Audit_DSAccess_DSAccess, 0x0cce923b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
311#ifdef INITGUID
312#define Audit_DSAccess_DSAccess_defined
313#endif
314#endif
315
316#if !defined(INITGUID) || !defined(Audit_DsAccess_AdAuditChanges_defined)
317DEFINE_GUID(Audit_DsAccess_AdAuditChanges, 0x0cce923c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
318#ifdef INITGUID
319#define Audit_DsAccess_AdAuditChanges_defined
320#endif
321#endif
322
323#if !defined(INITGUID) || !defined(Audit_Ds_Replication_defined)
324DEFINE_GUID(Audit_Ds_Replication, 0x0cce923d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
325#ifdef INITGUID
326#define Audit_Ds_Replication_defined
327#endif
328#endif
329
330#if !defined(INITGUID) || !defined(Audit_Ds_DetailedReplication_defined)
331DEFINE_GUID(Audit_Ds_DetailedReplication, 0x0cce923e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
332#ifdef INITGUID
333#define Audit_Ds_DetailedReplication_defined
334#endif
335#endif
336
337#if !defined(INITGUID) || !defined(Audit_AccountLogon_CredentialValidation_defined)
338DEFINE_GUID(Audit_AccountLogon_CredentialValidation, 0x0cce923f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
339#ifdef INITGUID
340#define Audit_AccountLogon_CredentialValidation_defined
341#endif
342#endif
343
344#if !defined(INITGUID) || !defined(Audit_AccountLogon_Kerberos_defined)
345DEFINE_GUID(Audit_AccountLogon_Kerberos, 0x0cce9240, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
346#ifdef INITGUID
347#define Audit_AccountLogon_Kerberos_defined
348#endif
349#endif
350
351#if !defined(INITGUID) || !defined(Audit_AccountLogon_Others_defined)
352DEFINE_GUID(Audit_AccountLogon_Others, 0x0cce9241, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
353#ifdef INITGUID
354#define Audit_AccountLogon_Others_defined
355#endif
356#endif
357
358#if !defined(INITGUID) || !defined(Audit_AccountLogon_KerbCredentialValidation_defined)
359DEFINE_GUID(Audit_AccountLogon_KerbCredentialValidation, 0x0cce9242, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
360#ifdef INITGUID
361#define Audit_AccountLogon_KerbCredentialValidation_defined
362#endif
363#endif
364
365#if !defined(INITGUID) || !defined(Audit_Logon_NPS_defined)
366DEFINE_GUID(Audit_Logon_NPS, 0x0cce9243, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
367#ifdef INITGUID
368#define Audit_Logon_NPS_defined
369#endif
370#endif
371
372#if !defined(INITGUID) || !defined(Audit_ObjectAccess_DetailedFileShare_defined)
373DEFINE_GUID(Audit_ObjectAccess_DetailedFileShare, 0x0cce9244, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
374#ifdef INITGUID
375#define Audit_ObjectAccess_DetailedFileShare_defined
376#endif
377#endif
378
379#if !defined(INITGUID) || !defined(Audit_ObjectAccess_RemovableStorage_defined)
380DEFINE_GUID(Audit_ObjectAccess_RemovableStorage, 0x0cce9245, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
381#ifdef INITGUID
382#define Audit_ObjectAccess_RemovableStorage_defined
383#endif
384#endif
385
386#if !defined(INITGUID) || !defined(Audit_ObjectAccess_CbacStaging_defined)
387DEFINE_GUID(Audit_ObjectAccess_CbacStaging, 0x0cce9246, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
388#ifdef INITGUID
389#define Audit_ObjectAccess_CbacStaging_defined
390#endif
391#endif
392
393#if !defined(INITGUID) || !defined(Audit_Logon_Claims_defined)
394DEFINE_GUID(Audit_Logon_Claims, 0x0cce9247, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
395#ifdef INITGUID
396#define Audit_Logon_Claims_defined
397#endif
398#endif
399
400#if !defined(INITGUID) || !defined(Audit_DetailedTracking_PnpActivity_defined)
401DEFINE_GUID(Audit_DetailedTracking_PnpActivity, 0x0cce9248, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
402#ifdef INITGUID
403#define Audit_DetailedTracking_PnpActivity_defined
404#endif
405#endif
406
407#if !defined(INITGUID) || !defined(Audit_Logon_Groups_defined)
408DEFINE_GUID(Audit_Logon_Groups, 0x0cce9249, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
409#ifdef INITGUID
410#define Audit_Logon_Groups_defined
411#endif
412#endif
413
414#if !defined(INITGUID) || !defined(Audit_DetailedTracking_TokenRightAdjusted_defined)
415DEFINE_GUID(Audit_DetailedTracking_TokenRightAdjusted, 0x0cce924a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
416#ifdef INITGUID
417#define Audit_DetailedTracking_TokenRightAdjusted_defined
418#endif
419#endif
420
421#if !defined(INITGUID) || !defined(Audit_System_defined)
422DEFINE_GUID(Audit_System, 0x69979848, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
423#ifdef INITGUID
424#define Audit_System_defined
425#endif
426#endif
427
428#if !defined(INITGUID) || !defined(Audit_Logon_defined)
429DEFINE_GUID(Audit_Logon, 0x69979849, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
430#ifdef INITGUID
431#define Audit_Logon_defined
432#endif
433#endif
434
435#if !defined(INITGUID) || !defined(Audit_ObjectAccess_defined)
436DEFINE_GUID(Audit_ObjectAccess, 0x6997984a, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
437#ifdef INITGUID
438#define Audit_ObjectAccess_defined
439#endif
440#endif
441
442#if !defined(INITGUID) || !defined(Audit_PrivilegeUse_defined)
443DEFINE_GUID(Audit_PrivilegeUse, 0x6997984b, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
444#ifdef INITGUID
445#define Audit_PrivilegeUse_defined
446#endif
447#endif
448
449#if !defined(INITGUID) || !defined(Audit_DetailedTracking_defined)
450DEFINE_GUID(Audit_DetailedTracking, 0x6997984c, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
451#ifdef INITGUID
452#define Audit_DetailedTracking_defined
453#endif
454#endif
455
456#if !defined(INITGUID) || !defined(Audit_PolicyChange_defined)
457DEFINE_GUID(Audit_PolicyChange, 0x6997984d, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
458#ifdef INITGUID
459#define Audit_PolicyChange_defined
460#endif
461#endif
462
463#if !defined(INITGUID) || !defined(Audit_AccountManagement_defined)
464DEFINE_GUID(Audit_AccountManagement, 0x6997984e, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
465#ifdef INITGUID
466#define Audit_AccountManagement_defined
467#endif
468#endif
469
470#if !defined(INITGUID) || !defined(Audit_DirectoryServiceAccess_defined)
471DEFINE_GUID(Audit_DirectoryServiceAccess, 0x6997984f, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
472#ifdef INITGUID
473#define Audit_DirectoryServiceAccess_defined
474#endif
475#endif
476
477#if !defined(INITGUID) || !defined(Audit_AccountLogon_defined)
478DEFINE_GUID(Audit_AccountLogon, 0x69979850, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
479#ifdef INITGUID
480#define Audit_AccountLogon_defined
481#endif
482#endif
483#endif
484
485#ifndef _NTSECAPI_
486#define _NTSECAPI_
487
488#ifdef __cplusplus
489extern "C" {
490#endif
491
492#if !defined (_NTDEF_) && !defined (_NTSTATUS_PSDK)
493#define _NTSTATUS_PSDK
494 typedef LONG NTSTATUS,*PNTSTATUS;
495#endif
496
497#ifndef _NTLSA_IFS_
498 typedef ULONG LSA_OPERATIONAL_MODE,*PLSA_OPERATIONAL_MODE;
499#endif
500
501#define LSA_MODE_PASSWORD_PROTECTED (__MSABI_LONG(0x00000001))
502#define LSA_MODE_INDIVIDUAL_ACCOUNTS (__MSABI_LONG(0x00000002))
503#define LSA_MODE_MANDATORY_ACCESS (__MSABI_LONG(0x00000004))
504#define LSA_MODE_LOG_FULL (__MSABI_LONG(0x00000008))
505
506#ifndef _NTLSA_IFS_
507 typedef enum _SECURITY_LOGON_TYPE {
508 UndefinedLogonType = 0,
509 Interactive = 2,
510 Network,
511 Batch,
512 Service,
513 Proxy,
514 Unlock,
515 NetworkCleartext,
516 NewCredentials
517#if _WIN32_WINNT >= 0x0501
518 ,RemoteInteractive
519 ,CachedInteractive
520#endif
521#if _WIN32_WINNT >= 0x0502
522 ,CachedRemoteInteractive
523 ,CachedUnlock
524#endif
525 } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
526
527#endif
528
529#ifndef _NTLSA_IFS_
530
531#ifndef _NTLSA_AUDIT_
532#define _NTLSA_AUDIT_
533
534typedef enum _SE_ADT_PARAMETER_TYPE {
535 SeAdtParmTypeNone = 0,
536 SeAdtParmTypeString,
537 SeAdtParmTypeFileSpec,
538 SeAdtParmTypeUlong,
539 SeAdtParmTypeSid,
540 SeAdtParmTypeLogonId,
541 SeAdtParmTypeNoLogonId,
542 SeAdtParmTypeAccessMask,
543 SeAdtParmTypePrivs,
544 SeAdtParmTypeObjectTypes,
545 SeAdtParmTypeHexUlong,
546 SeAdtParmTypePtr,
547 SeAdtParmTypeTime,
548 SeAdtParmTypeGuid,
549 SeAdtParmTypeLuid,
550 SeAdtParmTypeHexInt64,
551 SeAdtParmTypeStringList,
552 SeAdtParmTypeSidList,
553 SeAdtParmTypeDuration,
554 SeAdtParmTypeUserAccountControl,
555 SeAdtParmTypeNoUac,
556 SeAdtParmTypeMessage,
557 SeAdtParmTypeDateTime,
558 SeAdtParmTypeSockAddr,
559 SeAdtParmTypeSD,
560 SeAdtParmTypeLogonHours,
561 SeAdtParmTypeLogonIdNoSid,
562 SeAdtParmTypeUlongNoConv,
563 SeAdtParmTypeSockAddrNoPort,
564 SeAdtParmTypeAccessReason,
565 SeAdtParmTypeStagingReason,
566 SeAdtParmTypeResourceAttribute,
567 SeAdtParmTypeClaims,
568 SeAdtParmTypeLogonIdAsSid,
569 SeAdtParmTypeMultiSzString,
570 SeAdtParmTypeLogonIdEx
571 } SE_ADT_PARAMETER_TYPE, *PSE_ADT_PARAMETER_TYPE;
572
573#include <guiddef.h>
574
575#define SE_ADT_OBJECT_ONLY 0x1
576
577 typedef struct _SE_ADT_OBJECT_TYPE {
578 GUID ObjectType;
579 USHORT Flags;
580 USHORT Level;
581 ACCESS_MASK AccessMask;
582 } SE_ADT_OBJECT_TYPE,*PSE_ADT_OBJECT_TYPE;
583
584 typedef struct _SE_ADT_PARAMETER_ARRAY_ENTRY {
585 SE_ADT_PARAMETER_TYPE Type;
586 ULONG Length;
587 ULONG_PTR Data[2];
588 PVOID Address;
589 } SE_ADT_PARAMETER_ARRAY_ENTRY,*PSE_ADT_PARAMETER_ARRAY_ENTRY;
590
591 typedef struct _SE_ADT_ACCESS_REASON {
592 ACCESS_MASK AccessMask;
593 ULONG AccessReasons[32];
594 ULONG ObjectTypeIndex;
595 ULONG AccessGranted;
596 PSECURITY_DESCRIPTOR SecurityDescriptor;
597 } SE_ADT_ACCESS_REASON, *PSE_ADT_ACCESS_REASON;
598
599 typedef struct _SE_ADT_CLAIMS {
600 ULONG Length;
601 PCLAIMS_BLOB Claims;
602 } SE_ADT_CLAIMS, *PSE_ADT_CLAIMS;
603
604#define SE_MAX_AUDIT_PARAMETERS 32
605#define SE_MAX_GENERIC_AUDIT_PARAMETERS 28
606
607 typedef struct _SE_ADT_PARAMETER_ARRAY {
608 ULONG CategoryId;
609 ULONG AuditId;
610 ULONG ParameterCount;
611 ULONG Length;
612 USHORT Type;
613 ULONG Flags;
614 SE_ADT_PARAMETER_ARRAY_ENTRY Parameters[SE_MAX_AUDIT_PARAMETERS];
615 } SE_ADT_PARAMETER_ARRAY,*PSE_ADT_PARAMETER_ARRAY;
616
617 typedef struct _SE_ADT_PARAMETER_ARRAY_EX {
618 ULONG CategoryId;
619 ULONG AuditId;
620 ULONG Version;
621 ULONG ParameterCount;
622 ULONG Length;
623 USHORT FlatSubCategoryId;
624 USHORT Type;
625 ULONG Flags;
626 SE_ADT_PARAMETER_ARRAY_ENTRY Parameters[SE_MAX_AUDIT_PARAMETERS];
627 } SE_ADT_PARAMETER_ARRAY_EX, *PSE_ADT_PARAMETER_ARRAY_EX;
628
629#define SE_ADT_PARAMETERS_SELF_RELATIVE 0x00000001
630#define SE_ADT_PARAMETERS_SEND_TO_LSA 0x00000002
631#define SE_ADT_PARAMETER_EXTENSIBLE_AUDIT 0x00000004
632#define SE_ADT_PARAMETER_GENERIC_AUDIT 0x00000008
633#define SE_ADT_PARAMETER_WRITE_SYNCHRONOUS 0x00000010
634
635#define LSAP_SE_ADT_PARAMETER_ARRAY_TRUE_SIZE(AuditParameters) (sizeof(SE_ADT_PARAMETER_ARRAY) - sizeof(SE_ADT_PARAMETER_ARRAY_ENTRY) * (SE_MAX_AUDIT_PARAMETERS - AuditParameters->ParameterCount))
636
637#endif /* _NTLSA_AUDIT_ */
638#endif /* _NTLSA_IFS_ */
639
640 typedef enum _POLICY_AUDIT_EVENT_TYPE {
641 AuditCategorySystem = 0,AuditCategoryLogon,AuditCategoryObjectAccess,AuditCategoryPrivilegeUse,AuditCategoryDetailedTracking,
642 AuditCategoryPolicyChange,AuditCategoryAccountManagement,AuditCategoryDirectoryServiceAccess,AuditCategoryAccountLogon
643 } POLICY_AUDIT_EVENT_TYPE,*PPOLICY_AUDIT_EVENT_TYPE;
644
645#define POLICY_AUDIT_EVENT_UNCHANGED (__MSABI_LONG(0x00000000))
646#define POLICY_AUDIT_EVENT_SUCCESS (__MSABI_LONG(0x00000001))
647#define POLICY_AUDIT_EVENT_FAILURE (__MSABI_LONG(0x00000002))
648#define POLICY_AUDIT_EVENT_NONE (__MSABI_LONG(0x00000004))
649#define POLICY_AUDIT_EVENT_MASK (POLICY_AUDIT_EVENT_SUCCESS | POLICY_AUDIT_EVENT_FAILURE | POLICY_AUDIT_EVENT_UNCHANGED | POLICY_AUDIT_EVENT_NONE)
650
651#ifdef _NTDEF_
652 typedef UNICODE_STRING LSA_UNICODE_STRING,*PLSA_UNICODE_STRING;
653 typedef STRING LSA_STRING,*PLSA_STRING;
654 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES,*PLSA_OBJECT_ATTRIBUTES;
655#else
656
657#ifndef _NO_W32_PSEUDO_MODIFIERS
658#ifndef IN
659#define IN
660#endif
661#ifndef OUT
662#define OUT
663#endif
664#ifndef OPTIONAL
665#define OPTIONAL
666#endif
667#endif
668
669 typedef struct _LSA_UNICODE_STRING {
670 USHORT Length;
671 USHORT MaximumLength;
672 PWSTR Buffer;
673 } LSA_UNICODE_STRING,*PLSA_UNICODE_STRING;
674
675 typedef struct _LSA_STRING {
676 USHORT Length;
677 USHORT MaximumLength;
678 PCHAR Buffer;
679 } LSA_STRING,*PLSA_STRING;
680
681 typedef struct _LSA_OBJECT_ATTRIBUTES {
682 ULONG Length;
683 HANDLE RootDirectory;
684 PLSA_UNICODE_STRING ObjectName;
685 ULONG Attributes;
686 PVOID SecurityDescriptor;
687 PVOID SecurityQualityOfService;
688 } LSA_OBJECT_ATTRIBUTES,*PLSA_OBJECT_ATTRIBUTES;
689#endif
690
691#define LSA_SUCCESS(Error) ((LONG)(Error) >= 0)
692
693#ifndef _NTLSA_IFS_
694 NTSTATUS NTAPI LsaRegisterLogonProcess(PLSA_STRING LogonProcessName,PHANDLE LsaHandle,PLSA_OPERATIONAL_MODE SecurityMode);
695 NTSTATUS NTAPI LsaLogonUser(HANDLE LsaHandle,PLSA_STRING OriginName,SECURITY_LOGON_TYPE LogonType,ULONG AuthenticationPackage,PVOID AuthenticationInformation,ULONG AuthenticationInformationLength,PTOKEN_GROUPS LocalGroups,PTOKEN_SOURCE SourceContext,PVOID *ProfileBuffer,PULONG ProfileBufferLength,PLUID LogonId,PHANDLE Token,PQUOTA_LIMITS Quotas,PNTSTATUS SubStatus);
696 NTSTATUS NTAPI LsaLookupAuthenticationPackage(HANDLE LsaHandle,PLSA_STRING PackageName,PULONG AuthenticationPackage);
697 NTSTATUS NTAPI LsaFreeReturnBuffer (PVOID Buffer);
698 NTSTATUS NTAPI LsaCallAuthenticationPackage(HANDLE LsaHandle,ULONG AuthenticationPackage,PVOID ProtocolSubmitBuffer,ULONG SubmitBufferLength,PVOID *ProtocolReturnBuffer,PULONG ReturnBufferLength,PNTSTATUS ProtocolStatus);
699 NTSTATUS NTAPI LsaDeregisterLogonProcess(HANDLE LsaHandle);
700 NTSTATUS NTAPI LsaConnectUntrusted(PHANDLE LsaHandle);
701 NTSTATUS NTAPI LsaInsertProtectedProcessAddress(PVOID BufferAddress,ULONG BufferSize);
702 NTSTATUS NTAPI LsaRemoveProtectedProcessAddress(PVOID BufferAddress,ULONG BufferSize);
703#endif
704
705#define POLICY_VIEW_LOCAL_INFORMATION __MSABI_LONG(0x00000001)
706#define POLICY_VIEW_AUDIT_INFORMATION __MSABI_LONG(0x00000002)
707#define POLICY_GET_PRIVATE_INFORMATION __MSABI_LONG(0x00000004)
708#define POLICY_TRUST_ADMIN __MSABI_LONG(0x00000008)
709#define POLICY_CREATE_ACCOUNT __MSABI_LONG(0x00000010)
710#define POLICY_CREATE_SECRET __MSABI_LONG(0x00000020)
711#define POLICY_CREATE_PRIVILEGE __MSABI_LONG(0x00000040)
712#define POLICY_SET_DEFAULT_QUOTA_LIMITS __MSABI_LONG(0x00000080)
713#define POLICY_SET_AUDIT_REQUIREMENTS __MSABI_LONG(0x00000100)
714#define POLICY_AUDIT_LOG_ADMIN __MSABI_LONG(0x00000200)
715#define POLICY_SERVER_ADMIN __MSABI_LONG(0x00000400)
716#define POLICY_LOOKUP_NAMES __MSABI_LONG(0x00000800)
717#define POLICY_NOTIFICATION __MSABI_LONG(0x00001000)
718
719#define POLICY_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | POLICY_VIEW_LOCAL_INFORMATION | POLICY_VIEW_AUDIT_INFORMATION | POLICY_GET_PRIVATE_INFORMATION | POLICY_TRUST_ADMIN | POLICY_CREATE_ACCOUNT | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE | POLICY_SET_DEFAULT_QUOTA_LIMITS | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN | POLICY_SERVER_ADMIN | POLICY_LOOKUP_NAMES)
720#define POLICY_READ (STANDARD_RIGHTS_READ | POLICY_VIEW_AUDIT_INFORMATION | POLICY_GET_PRIVATE_INFORMATION)
721#define POLICY_WRITE (STANDARD_RIGHTS_WRITE | POLICY_TRUST_ADMIN | POLICY_CREATE_ACCOUNT | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE | POLICY_SET_DEFAULT_QUOTA_LIMITS | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN | POLICY_SERVER_ADMIN)
722#define POLICY_EXECUTE (STANDARD_RIGHTS_EXECUTE | POLICY_VIEW_LOCAL_INFORMATION | POLICY_LOOKUP_NAMES)
723
724 typedef struct _LSA_TRUST_INFORMATION {
725 LSA_UNICODE_STRING Name;
726 PSID Sid;
727 } LSA_TRUST_INFORMATION,*PLSA_TRUST_INFORMATION;
728
729 typedef struct _LSA_REFERENCED_DOMAIN_LIST {
730 ULONG Entries;
731 PLSA_TRUST_INFORMATION Domains;
732 } LSA_REFERENCED_DOMAIN_LIST,*PLSA_REFERENCED_DOMAIN_LIST;
733
734 typedef struct _LSA_TRANSLATED_SID {
735 SID_NAME_USE Use;
736 ULONG RelativeId;
737 LONG DomainIndex;
738 } LSA_TRANSLATED_SID,*PLSA_TRANSLATED_SID;
739
740 typedef struct _LSA_TRANSLATED_SID2 {
741 SID_NAME_USE Use;
742 PSID Sid;
743 LONG DomainIndex;
744 ULONG Flags;
745 } LSA_TRANSLATED_SID2,*PLSA_TRANSLATED_SID2;
746
747 typedef struct _LSA_TRANSLATED_NAME {
748 SID_NAME_USE Use;
749 LSA_UNICODE_STRING Name;
750 LONG DomainIndex;
751 } LSA_TRANSLATED_NAME,*PLSA_TRANSLATED_NAME;
752
753 typedef enum _POLICY_LSA_SERVER_ROLE {
754 PolicyServerRoleBackup = 2,PolicyServerRolePrimary
755 } POLICY_LSA_SERVER_ROLE,*PPOLICY_LSA_SERVER_ROLE;
756
757 typedef ULONG POLICY_AUDIT_EVENT_OPTIONS,*PPOLICY_AUDIT_EVENT_OPTIONS;
758
759 typedef enum _POLICY_INFORMATION_CLASS {
760 PolicyAuditLogInformation = 1,
761 PolicyAuditEventsInformation,
762 PolicyPrimaryDomainInformation,
763 PolicyPdAccountInformation,
764 PolicyAccountDomainInformation,
765 PolicyLsaServerRoleInformation,
766 PolicyReplicaSourceInformation,
767 PolicyDefaultQuotaInformation,
768 PolicyModificationInformation,
769 PolicyAuditFullSetInformation,
770 PolicyAuditFullQueryInformation,
771 PolicyDnsDomainInformation,
772 PolicyDnsDomainInformationInt,
773 PolicyLocalAccountDomainInformation,
774 PolicyMachineAccountInformation,
775 PolicyLastEntry
776 } POLICY_INFORMATION_CLASS, *PPOLICY_INFORMATION_CLASS;
777
778 typedef struct _POLICY_AUDIT_LOG_INFO {
779 ULONG AuditLogPercentFull;
780 ULONG MaximumLogSize;
781 LARGE_INTEGER AuditRetentionPeriod;
782 BOOLEAN AuditLogFullShutdownInProgress;
783 LARGE_INTEGER TimeToShutdown;
784 ULONG NextAuditRecordId;
785 } POLICY_AUDIT_LOG_INFO,*PPOLICY_AUDIT_LOG_INFO;
786
787 typedef struct _POLICY_AUDIT_EVENTS_INFO {
788 BOOLEAN AuditingMode;
789 PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions;
790 ULONG MaximumAuditEventCount;
791 } POLICY_AUDIT_EVENTS_INFO,*PPOLICY_AUDIT_EVENTS_INFO;
792
793 typedef struct _POLICY_AUDIT_SUBCATEGORIES_INFO {
794 ULONG MaximumSubCategoryCount;
795 PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions;
796 } POLICY_AUDIT_SUBCATEGORIES_INFO, *PPOLICY_AUDIT_SUBCATEGORIES_INFO;
797
798 typedef struct _POLICY_AUDIT_CATEGORIES_INFO {
799 ULONG MaximumCategoryCount;
800 PPOLICY_AUDIT_SUBCATEGORIES_INFO SubCategoriesInfo;
801 } POLICY_AUDIT_CATEGORIES_INFO, *PPOLICY_AUDIT_CATEGORIES_INFO;
802
803 typedef struct _POLICY_ACCOUNT_DOMAIN_INFO {
804 LSA_UNICODE_STRING DomainName;
805 PSID DomainSid;
806 } POLICY_ACCOUNT_DOMAIN_INFO,*PPOLICY_ACCOUNT_DOMAIN_INFO;
807
808 typedef struct _POLICY_PRIMARY_DOMAIN_INFO {
809 LSA_UNICODE_STRING Name;
810 PSID Sid;
811 } POLICY_PRIMARY_DOMAIN_INFO,*PPOLICY_PRIMARY_DOMAIN_INFO;
812
813 typedef struct _POLICY_DNS_DOMAIN_INFO {
814 LSA_UNICODE_STRING Name;
815 LSA_UNICODE_STRING DnsDomainName;
816 LSA_UNICODE_STRING DnsForestName;
817 GUID DomainGuid;
818 PSID Sid;
819 } POLICY_DNS_DOMAIN_INFO,*PPOLICY_DNS_DOMAIN_INFO;
820
821 typedef struct _POLICY_PD_ACCOUNT_INFO {
822 LSA_UNICODE_STRING Name;
823 } POLICY_PD_ACCOUNT_INFO,*PPOLICY_PD_ACCOUNT_INFO;
824
825 typedef struct _POLICY_LSA_SERVER_ROLE_INFO {
826 POLICY_LSA_SERVER_ROLE LsaServerRole;
827 } POLICY_LSA_SERVER_ROLE_INFO,*PPOLICY_LSA_SERVER_ROLE_INFO;
828
829 typedef struct _POLICY_REPLICA_SOURCE_INFO {
830 LSA_UNICODE_STRING ReplicaSource;
831 LSA_UNICODE_STRING ReplicaAccountName;
832 } POLICY_REPLICA_SOURCE_INFO,*PPOLICY_REPLICA_SOURCE_INFO;
833
834 typedef struct _POLICY_DEFAULT_QUOTA_INFO {
835 QUOTA_LIMITS QuotaLimits;
836 } POLICY_DEFAULT_QUOTA_INFO,*PPOLICY_DEFAULT_QUOTA_INFO;
837
838 typedef struct _POLICY_MODIFICATION_INFO {
839 LARGE_INTEGER ModifiedId;
840 LARGE_INTEGER DatabaseCreationTime;
841 } POLICY_MODIFICATION_INFO,*PPOLICY_MODIFICATION_INFO;
842
843 typedef struct _POLICY_AUDIT_FULL_SET_INFO {
844 BOOLEAN ShutDownOnFull;
845 } POLICY_AUDIT_FULL_SET_INFO,*PPOLICY_AUDIT_FULL_SET_INFO;
846
847 typedef struct _POLICY_AUDIT_FULL_QUERY_INFO {
848 BOOLEAN ShutDownOnFull;
849 BOOLEAN LogIsFull;
850 } POLICY_AUDIT_FULL_QUERY_INFO,*PPOLICY_AUDIT_FULL_QUERY_INFO;
851
852 typedef enum _POLICY_DOMAIN_INFORMATION_CLASS {
853#if _WIN32_WINNT <= 0x0500
854 PolicyDomainQualityOfServiceInformation = 1,
855#endif
856 PolicyDomainEfsInformation = 2
857 ,PolicyDomainKerberosTicketInformation
858 } POLICY_DOMAIN_INFORMATION_CLASS, *PPOLICY_DOMAIN_INFORMATION_CLASS;
859
860 typedef struct _POLICY_DOMAIN_EFS_INFO {
861 ULONG InfoLength;
862 PUCHAR EfsBlob;
863 } POLICY_DOMAIN_EFS_INFO,*PPOLICY_DOMAIN_EFS_INFO;
864
865#define POLICY_KERBEROS_VALIDATE_CLIENT 0x00000080
866
867 typedef struct _POLICY_DOMAIN_KERBEROS_TICKET_INFO {
868 ULONG AuthenticationOptions;
869 LARGE_INTEGER MaxServiceTicketAge;
870 LARGE_INTEGER MaxTicketAge;
871 LARGE_INTEGER MaxRenewAge;
872 LARGE_INTEGER MaxClockSkew;
873 LARGE_INTEGER Reserved;
874 } POLICY_DOMAIN_KERBEROS_TICKET_INFO,*PPOLICY_DOMAIN_KERBEROS_TICKET_INFO;
875
876 typedef struct _POLICY_MACHINE_ACCT_INFO {
877 ULONG Rid;
878 PSID Sid;
879 } POLICY_MACHINE_ACCT_INFO, *PPOLICY_MACHINE_ACCT_INFO;
880
881 typedef enum _POLICY_NOTIFICATION_INFORMATION_CLASS {
882 PolicyNotifyAuditEventsInformation = 1,
883 PolicyNotifyAccountDomainInformation,
884 PolicyNotifyServerRoleInformation,
885 PolicyNotifyDnsDomainInformation,
886 PolicyNotifyDomainEfsInformation,
887 PolicyNotifyDomainKerberosTicketInformation,
888 PolicyNotifyMachineAccountPasswordInformation,
889 PolicyNotifyGlobalSaclInformation,
890 PolicyNotifyMax
891 } POLICY_NOTIFICATION_INFORMATION_CLASS, *PPOLICY_NOTIFICATION_INFORMATION_CLASS;
892
893 typedef PVOID LSA_HANDLE,*PLSA_HANDLE;
894
895 typedef enum _TRUSTED_INFORMATION_CLASS {
896 TrustedDomainNameInformation = 1,
897 TrustedControllersInformation,
898 TrustedPosixOffsetInformation,
899 TrustedPasswordInformation,
900 TrustedDomainInformationBasic,
901 TrustedDomainInformationEx,
902 TrustedDomainAuthInformation,
903 TrustedDomainFullInformation,
904 TrustedDomainAuthInformationInternal,
905 TrustedDomainFullInformationInternal,
906 TrustedDomainInformationEx2Internal,
907 TrustedDomainFullInformation2Internal,
908 TrustedDomainSupportedEncryptionTypes
909 } TRUSTED_INFORMATION_CLASS,*PTRUSTED_INFORMATION_CLASS;
910
911 typedef struct _TRUSTED_DOMAIN_NAME_INFO {
912 LSA_UNICODE_STRING Name;
913 } TRUSTED_DOMAIN_NAME_INFO,*PTRUSTED_DOMAIN_NAME_INFO;
914
915 typedef struct _TRUSTED_CONTROLLERS_INFO {
916 ULONG Entries;
917 PLSA_UNICODE_STRING Names;
918 } TRUSTED_CONTROLLERS_INFO,*PTRUSTED_CONTROLLERS_INFO;
919
920 typedef struct _TRUSTED_POSIX_OFFSET_INFO {
921 ULONG Offset;
922 } TRUSTED_POSIX_OFFSET_INFO,*PTRUSTED_POSIX_OFFSET_INFO;
923
924 typedef struct _TRUSTED_PASSWORD_INFO {
925 LSA_UNICODE_STRING Password;
926 LSA_UNICODE_STRING OldPassword;
927 } TRUSTED_PASSWORD_INFO,*PTRUSTED_PASSWORD_INFO;
928
929 typedef LSA_TRUST_INFORMATION TRUSTED_DOMAIN_INFORMATION_BASIC;
930 typedef PLSA_TRUST_INFORMATION PTRUSTED_DOMAIN_INFORMATION_BASIC;
931
932#define TRUST_DIRECTION_DISABLED 0x00000000
933#define TRUST_DIRECTION_INBOUND 0x00000001
934#define TRUST_DIRECTION_OUTBOUND 0x00000002
935#define TRUST_DIRECTION_BIDIRECTIONAL (TRUST_DIRECTION_INBOUND | TRUST_DIRECTION_OUTBOUND)
936
937#define TRUST_TYPE_DOWNLEVEL 0x00000001
938#define TRUST_TYPE_UPLEVEL 0x00000002
939#define TRUST_TYPE_MIT 0x00000003
940
941#define TRUST_ATTRIBUTE_NON_TRANSITIVE 0x00000001
942#define TRUST_ATTRIBUTE_UPLEVEL_ONLY 0x00000002
943#define TRUST_ATTRIBUTE_QUARANTINED_DOMAIN 0x00000004
944#define TRUST_ATTRIBUTE_FOREST_TRANSITIVE 0x00000008
945#define TRUST_ATTRIBUTE_CROSS_ORGANIZATION 0x00000010
946#define TRUST_ATTRIBUTE_WITHIN_FOREST 0x00000020
947#define TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL 0x00000040
948
949#if _WIN32_WINNT >= 0x0600
950#define TRUST_ATTRIBUTE_TRUST_USES_RC4_ENCRYPTION 0x00000080
951#define TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS 0x00000100
952#endif
953
954#if _WIN32_WINNT >= 0x0602
955#define TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION 0x00000200
956#define TRUST_ATTRIBUTE_PIM_TRUST 0x00000400
957#endif
958
959#if _WIN32_WINNT >= 0x0603
960#define TRUST_ATTRIBUTE_CROSS_ORGANIZATION_ENABLE_TGT_DELEGATION 0x00000800
961#endif
962
963#define TRUST_ATTRIBUTES_VALID 0xFF03FFFF
964#define TRUST_ATTRIBUTES_USER 0xFF000000
965
966 typedef struct _TRUSTED_DOMAIN_INFORMATION_EX {
967 LSA_UNICODE_STRING Name;
968 LSA_UNICODE_STRING FlatName;
969 PSID Sid;
970 ULONG TrustDirection;
971 ULONG TrustType;
972 ULONG TrustAttributes;
973 } TRUSTED_DOMAIN_INFORMATION_EX,*PTRUSTED_DOMAIN_INFORMATION_EX;
974
975 typedef struct _TRUSTED_DOMAIN_INFORMATION_EX2 {
976 LSA_UNICODE_STRING Name;
977 LSA_UNICODE_STRING FlatName;
978 PSID Sid;
979 ULONG TrustDirection;
980 ULONG TrustType;
981 ULONG TrustAttributes;
982 ULONG ForestTrustLength;
983 PUCHAR ForestTrustInfo;
984 } TRUSTED_DOMAIN_INFORMATION_EX2,*PTRUSTED_DOMAIN_INFORMATION_EX2;
985
986#define TRUST_AUTH_TYPE_NONE 0
987#define TRUST_AUTH_TYPE_NT4OWF 1
988#define TRUST_AUTH_TYPE_CLEAR 2
989#define TRUST_AUTH_TYPE_VERSION 3
990
991 typedef struct _LSA_AUTH_INFORMATION {
992 LARGE_INTEGER LastUpdateTime;
993 ULONG AuthType;
994 ULONG AuthInfoLength;
995 PUCHAR AuthInfo;
996 } LSA_AUTH_INFORMATION,*PLSA_AUTH_INFORMATION;
997
998 typedef struct _TRUSTED_DOMAIN_AUTH_INFORMATION {
999 ULONG IncomingAuthInfos;
1000 PLSA_AUTH_INFORMATION IncomingAuthenticationInformation;
1001 PLSA_AUTH_INFORMATION IncomingPreviousAuthenticationInformation;
1002 ULONG OutgoingAuthInfos;
1003 PLSA_AUTH_INFORMATION OutgoingAuthenticationInformation;
1004 PLSA_AUTH_INFORMATION OutgoingPreviousAuthenticationInformation;
1005 } TRUSTED_DOMAIN_AUTH_INFORMATION,*PTRUSTED_DOMAIN_AUTH_INFORMATION;
1006
1007 typedef struct _TRUSTED_DOMAIN_FULL_INFORMATION {
1008 TRUSTED_DOMAIN_INFORMATION_EX Information;
1009 TRUSTED_POSIX_OFFSET_INFO PosixOffset;
1010 TRUSTED_DOMAIN_AUTH_INFORMATION AuthInformation;
1011 } TRUSTED_DOMAIN_FULL_INFORMATION,*PTRUSTED_DOMAIN_FULL_INFORMATION;
1012
1013 typedef struct _TRUSTED_DOMAIN_FULL_INFORMATION2 {
1014 TRUSTED_DOMAIN_INFORMATION_EX2 Information;
1015 TRUSTED_POSIX_OFFSET_INFO PosixOffset;
1016 TRUSTED_DOMAIN_AUTH_INFORMATION AuthInformation;
1017 } TRUSTED_DOMAIN_FULL_INFORMATION2,*PTRUSTED_DOMAIN_FULL_INFORMATION2;
1018
1019 typedef struct _TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES {
1020 ULONG SupportedEncryptionTypes;
1021 } TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES,*PTRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES;
1022
1023 typedef enum {
1024 ForestTrustTopLevelName,ForestTrustTopLevelNameEx,ForestTrustDomainInfo,ForestTrustRecordTypeLast = ForestTrustDomainInfo
1025 } LSA_FOREST_TRUST_RECORD_TYPE;
1026
1027#define LSA_FTRECORD_DISABLED_REASONS (__MSABI_LONG(0x0000FFFF))
1028
1029#define LSA_TLN_DISABLED_NEW (__MSABI_LONG(0x00000001))
1030#define LSA_TLN_DISABLED_ADMIN (__MSABI_LONG(0x00000002))
1031#define LSA_TLN_DISABLED_CONFLICT (__MSABI_LONG(0x00000004))
1032
1033#define LSA_SID_DISABLED_ADMIN (__MSABI_LONG(0x00000001))
1034#define LSA_SID_DISABLED_CONFLICT (__MSABI_LONG(0x00000002))
1035#define LSA_NB_DISABLED_ADMIN (__MSABI_LONG(0x00000004))
1036#define LSA_NB_DISABLED_CONFLICT (__MSABI_LONG(0x00000008))
1037
1038 typedef struct _LSA_FOREST_TRUST_DOMAIN_INFO {
1039 PSID Sid;
1040 LSA_UNICODE_STRING DnsName;
1041 LSA_UNICODE_STRING NetbiosName;
1042 } LSA_FOREST_TRUST_DOMAIN_INFO,*PLSA_FOREST_TRUST_DOMAIN_INFO;
1043
1044#define MAX_FOREST_TRUST_BINARY_DATA_SIZE (128*1024)
1045
1046 typedef struct _LSA_FOREST_TRUST_BINARY_DATA {
1047 ULONG Length;
1048 PUCHAR Buffer;
1049 } LSA_FOREST_TRUST_BINARY_DATA,*PLSA_FOREST_TRUST_BINARY_DATA;
1050
1051 typedef struct _LSA_FOREST_TRUST_RECORD {
1052 ULONG Flags;
1053 LSA_FOREST_TRUST_RECORD_TYPE ForestTrustType;
1054 LARGE_INTEGER Time;
1055 union {
1056 LSA_UNICODE_STRING TopLevelName;
1057 LSA_FOREST_TRUST_DOMAIN_INFO DomainInfo;
1058 LSA_FOREST_TRUST_BINARY_DATA Data;
1059 } ForestTrustData;
1060 } LSA_FOREST_TRUST_RECORD,*PLSA_FOREST_TRUST_RECORD;
1061
1062#define MAX_RECORDS_IN_FOREST_TRUST_INFO 4000
1063
1064 typedef struct _LSA_FOREST_TRUST_INFORMATION {
1065 ULONG RecordCount;
1066 PLSA_FOREST_TRUST_RECORD *Entries;
1067 } LSA_FOREST_TRUST_INFORMATION,*PLSA_FOREST_TRUST_INFORMATION;
1068
1069 typedef enum {
1070 CollisionTdo,CollisionXref,CollisionOther
1071 } LSA_FOREST_TRUST_COLLISION_RECORD_TYPE;
1072
1073 typedef struct _LSA_FOREST_TRUST_COLLISION_RECORD {
1074 ULONG Index;
1075 LSA_FOREST_TRUST_COLLISION_RECORD_TYPE Type;
1076 ULONG Flags;
1077 LSA_UNICODE_STRING Name;
1078 } LSA_FOREST_TRUST_COLLISION_RECORD,*PLSA_FOREST_TRUST_COLLISION_RECORD;
1079
1080 typedef struct _LSA_FOREST_TRUST_COLLISION_INFORMATION {
1081 ULONG RecordCount;
1082 PLSA_FOREST_TRUST_COLLISION_RECORD *Entries;
1083 } LSA_FOREST_TRUST_COLLISION_INFORMATION,*PLSA_FOREST_TRUST_COLLISION_INFORMATION;
1084
1085 typedef ULONG LSA_ENUMERATION_HANDLE,*PLSA_ENUMERATION_HANDLE;
1086
1087 typedef struct _LSA_ENUMERATION_INFORMATION {
1088 PSID Sid;
1089 } LSA_ENUMERATION_INFORMATION,*PLSA_ENUMERATION_INFORMATION;
1090
1091 NTSTATUS NTAPI LsaFreeMemory(PVOID Buffer);
1092 NTSTATUS NTAPI LsaClose(LSA_HANDLE ObjectHandle);
1093
1094 #if (_WIN32_WINNT >= 0x0600)
1095 typedef struct _LSA_LAST_INTER_LOGON_INFO {
1096 LARGE_INTEGER LastSuccessfulLogon;
1097 LARGE_INTEGER LastFailedLogon;
1098 ULONG FailedAttemptCountSinceLastSuccessfulLogon;
1099 } LSA_LAST_INTER_LOGON_INFO,*PLSA_LAST_INTER_LOGON_INFO;
1100 #endif
1101
1102 typedef struct _SECURITY_LOGON_SESSION_DATA {
1103 ULONG Size;
1104 LUID LogonId;
1105 LSA_UNICODE_STRING UserName;
1106 LSA_UNICODE_STRING LogonDomain;
1107 LSA_UNICODE_STRING AuthenticationPackage;
1108 ULONG LogonType;
1109 ULONG Session;
1110 PSID Sid;
1111 LARGE_INTEGER LogonTime;
1112 LSA_UNICODE_STRING LogonServer;
1113 LSA_UNICODE_STRING DnsDomainName;
1114 LSA_UNICODE_STRING Upn;
1115 #if (_WIN32_WINNT >= 0x0600)
1116 ULONG UserFlags;
1117 LSA_LAST_INTER_LOGON_INFO LastLogonInfo;
1118 LSA_UNICODE_STRING LogonScript;
1119 LSA_UNICODE_STRING ProfilePath;
1120 LSA_UNICODE_STRING HomeDirectory;
1121 LSA_UNICODE_STRING HomeDirectoryDrive;
1122 LARGE_INTEGER LogoffTime;
1123 LARGE_INTEGER KickOffTime;
1124 LARGE_INTEGER PasswordLastSet;
1125 LARGE_INTEGER PasswordCanChange;
1126 LARGE_INTEGER PasswordMustChange;
1127 #endif
1128 } SECURITY_LOGON_SESSION_DATA,*PSECURITY_LOGON_SESSION_DATA;
1129
1130 NTSTATUS NTAPI LsaEnumerateLogonSessions(PULONG LogonSessionCount,PLUID *LogonSessionList);
1131 NTSTATUS NTAPI LsaGetLogonSessionData(PLUID LogonId,PSECURITY_LOGON_SESSION_DATA *ppLogonSessionData);
1132 NTSTATUS NTAPI LsaOpenPolicy(PLSA_UNICODE_STRING SystemName,PLSA_OBJECT_ATTRIBUTES ObjectAttributes,ACCESS_MASK DesiredAccess,PLSA_HANDLE PolicyHandle);
1133 NTSTATUS NTAPI LsaQueryInformationPolicy(LSA_HANDLE PolicyHandle,POLICY_INFORMATION_CLASS InformationClass,PVOID *Buffer);
1134 NTSTATUS NTAPI LsaSetInformationPolicy(LSA_HANDLE PolicyHandle,POLICY_INFORMATION_CLASS InformationClass,PVOID Buffer);
1135 NTSTATUS NTAPI LsaQueryDomainInformationPolicy(LSA_HANDLE PolicyHandle,POLICY_DOMAIN_INFORMATION_CLASS InformationClass,PVOID *Buffer);
1136 NTSTATUS NTAPI LsaSetDomainInformationPolicy(LSA_HANDLE PolicyHandle,POLICY_DOMAIN_INFORMATION_CLASS InformationClass,PVOID Buffer);
1137 NTSTATUS NTAPI LsaRegisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,HANDLE NotificationEventHandle);
1138 NTSTATUS NTAPI LsaUnregisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,HANDLE NotificationEventHandle);
1139 NTSTATUS NTAPI LsaEnumerateTrustedDomains(LSA_HANDLE PolicyHandle,PLSA_ENUMERATION_HANDLE EnumerationContext,PVOID *Buffer,ULONG PreferedMaximumLength,PULONG CountReturned);
1140 NTSTATUS NTAPI LsaLookupNames(LSA_HANDLE PolicyHandle,ULONG Count,PLSA_UNICODE_STRING Names,PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,PLSA_TRANSLATED_SID *Sids);
1141 NTSTATUS NTAPI LsaLookupNames2(LSA_HANDLE PolicyHandle,ULONG Flags,ULONG Count,PLSA_UNICODE_STRING Names,PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,PLSA_TRANSLATED_SID2 *Sids);
1142 NTSTATUS NTAPI LsaLookupSids(LSA_HANDLE PolicyHandle,ULONG Count,PSID *Sids,PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,PLSA_TRANSLATED_NAME *Names);
1143 NTSTATUS NTAPI LsaLookupSids2(LSA_HANDLE PolicyHandle,ULONG LookupOptions,ULONG Count,PSID *Sids,PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,PLSA_TRANSLATED_NAME *Names);
1144 NTSTATUS NTAPI LsaSetCAPs(PLSA_UNICODE_STRING CAPDNs,ULONG CAPDNCount,ULONG Flags);
1145 NTSTATUS NTAPI LsaGetAppliedCAPIDs(PLSA_UNICODE_STRING SystemName,PSID **CAPIDs,PULONG CAPIDCount);
1146
1147 #define MAXIMUM_CAPES_PER_CAP 0x7f
1148
1149 #define CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG 0x00000001
1150 #define CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG 0x00000100
1151 #define CENTRAL_ACCESS_POLICY_STAGED_FLAG 0x00010000
1152 #define STAGING_FLAG(Effective) ((Effective & 0xf) << 8)
1153
1154 #define CENTRAL_ACCESS_POLICY_VALID_FLAG_MASK (CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG | \
1155 CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG | \
1156 CENTRAL_ACCESS_POLICY_STAGED_FLAG)
1157
1158 #define LSASETCAPS_RELOAD_FLAG 0x00000001
1159 #define LSASETCAPS_VALID_FLAG_MASK LSASETCAPS_RELOAD_FLAG
1160
1161 typedef struct _CENTRAL_ACCESS_POLICY_ENTRY {
1162 LSA_UNICODE_STRING Name;
1163 LSA_UNICODE_STRING Description;
1164 LSA_UNICODE_STRING ChangeId;
1165 ULONG LengthAppliesTo;
1166 PUCHAR AppliesTo;
1167 ULONG LengthSD;
1168 PSECURITY_DESCRIPTOR SD;
1169 ULONG LengthStagedSD;
1170 PSECURITY_DESCRIPTOR StagedSD;
1171 ULONG Flags;
1172 } CENTRAL_ACCESS_POLICY_ENTRY, *PCENTRAL_ACCESS_POLICY_ENTRY;
1173
1174 typedef const CENTRAL_ACCESS_POLICY_ENTRY *PCCENTRAL_ACCESS_POLICY_ENTRY;
1175
1176 typedef struct _CENTRAL_ACCESS_POLICY {
1177 PSID CAPID;
1178 LSA_UNICODE_STRING Name;
1179 LSA_UNICODE_STRING Description;
1180 LSA_UNICODE_STRING ChangeId;
1181 ULONG Flags;
1182 ULONG CAPECount;
1183 PCENTRAL_ACCESS_POLICY_ENTRY *CAPEs;
1184 } CENTRAL_ACCESS_POLICY, *PCENTRAL_ACCESS_POLICY;
1185
1186 typedef const CENTRAL_ACCESS_POLICY *PCCENTRAL_ACCESS_POLICY;
1187
1188 NTSTATUS NTAPI LsaQueryCAPs(PSID *CAPIDs,ULONG CAPIDCount,PCENTRAL_ACCESS_POLICY *CAPs,PULONG CAPCount);
1189
1190#define SE_INTERACTIVE_LOGON_NAME TEXT("SeInteractiveLogonRight")
1191#define SE_NETWORK_LOGON_NAME TEXT("SeNetworkLogonRight")
1192#define SE_BATCH_LOGON_NAME TEXT("SeBatchLogonRight")
1193#define SE_SERVICE_LOGON_NAME TEXT("SeServiceLogonRight")
1194#define SE_DENY_INTERACTIVE_LOGON_NAME TEXT("SeDenyInteractiveLogonRight")
1195#define SE_DENY_NETWORK_LOGON_NAME TEXT("SeDenyNetworkLogonRight")
1196#define SE_DENY_BATCH_LOGON_NAME TEXT("SeDenyBatchLogonRight")
1197#define SE_DENY_SERVICE_LOGON_NAME TEXT("SeDenyServiceLogonRight")
1198#define SE_REMOTE_INTERACTIVE_LOGON_NAME TEXT("SeRemoteInteractiveLogonRight")
1199#define SE_DENY_REMOTE_INTERACTIVE_LOGON_NAME TEXT("SeDenyRemoteInteractiveLogonRight")
1200
1201 NTSTATUS NTAPI LsaEnumerateAccountsWithUserRight(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING UserRight,PVOID *Buffer,PULONG CountReturned);
1202 NTSTATUS NTAPI LsaEnumerateAccountRights(LSA_HANDLE PolicyHandle,PSID AccountSid,PLSA_UNICODE_STRING *UserRights,PULONG CountOfRights);
1203 NTSTATUS NTAPI LsaAddAccountRights(LSA_HANDLE PolicyHandle,PSID AccountSid,PLSA_UNICODE_STRING UserRights,ULONG CountOfRights);
1204 NTSTATUS NTAPI LsaRemoveAccountRights(LSA_HANDLE PolicyHandle,PSID AccountSid,BOOLEAN AllRights,PLSA_UNICODE_STRING UserRights,ULONG CountOfRights);
1205 NTSTATUS NTAPI LsaOpenTrustedDomainByName(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,ACCESS_MASK DesiredAccess,PLSA_HANDLE TrustedDomainHandle);
1206 NTSTATUS NTAPI LsaQueryTrustedDomainInfo(LSA_HANDLE PolicyHandle,PSID TrustedDomainSid,TRUSTED_INFORMATION_CLASS InformationClass,PVOID *Buffer);
1207 NTSTATUS NTAPI LsaSetTrustedDomainInformation(LSA_HANDLE PolicyHandle,PSID TrustedDomainSid,TRUSTED_INFORMATION_CLASS InformationClass,PVOID Buffer);
1208 NTSTATUS NTAPI LsaDeleteTrustedDomain(LSA_HANDLE PolicyHandle,PSID TrustedDomainSid);
1209 NTSTATUS NTAPI LsaQueryTrustedDomainInfoByName(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,TRUSTED_INFORMATION_CLASS InformationClass,PVOID *Buffer);
1210 NTSTATUS NTAPI LsaSetTrustedDomainInfoByName(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,TRUSTED_INFORMATION_CLASS InformationClass,PVOID Buffer);
1211 NTSTATUS NTAPI LsaEnumerateTrustedDomainsEx(LSA_HANDLE PolicyHandle,PLSA_ENUMERATION_HANDLE EnumerationContext,PVOID *Buffer,ULONG PreferedMaximumLength,PULONG CountReturned);
1212 NTSTATUS NTAPI LsaCreateTrustedDomainEx(LSA_HANDLE PolicyHandle,PTRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,PTRUSTED_DOMAIN_AUTH_INFORMATION AuthenticationInformation,ACCESS_MASK DesiredAccess,PLSA_HANDLE TrustedDomainHandle);
1213 NTSTATUS NTAPI LsaQueryForestTrustInformation(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,PLSA_FOREST_TRUST_INFORMATION *ForestTrustInfo);
1214 NTSTATUS NTAPI LsaSetForestTrustInformation(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo,BOOLEAN CheckOnly,PLSA_FOREST_TRUST_COLLISION_INFORMATION *CollisionInfo);
1215
1216#ifdef TESTING_MATCHING_ROUTINE
1217 NTSTATUS NTAPI LsaForestTrustFindMatch(LSA_HANDLE PolicyHandle,ULONG Type,PLSA_UNICODE_STRING Name,PLSA_UNICODE_STRING *Match);
1218#endif
1219
1220 NTSTATUS NTAPI LsaStorePrivateData(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING KeyName,PLSA_UNICODE_STRING PrivateData);
1221 NTSTATUS NTAPI LsaRetrievePrivateData(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING KeyName,PLSA_UNICODE_STRING *PrivateData);
1222 ULONG NTAPI LsaNtStatusToWinError(NTSTATUS Status);
1223
1224#ifndef _NTLSA_IFS_
1225#define _NTLSA_IFS_
1226#endif
1227
1228 enum NEGOTIATE_MESSAGES {
1229 NegEnumPackagePrefixes = 0,
1230 NegGetCallerName = 1,
1231 NegTransferCredentials = 2,
1232 NegMsgReserved1 = 3,
1233 NegCallPackageMax
1234 };
1235
1236#define NEGOTIATE_MAX_PREFIX 32
1237
1238 typedef struct _NEGOTIATE_PACKAGE_PREFIX {
1239 ULONG_PTR PackageId;
1240 PVOID PackageDataA;
1241 PVOID PackageDataW;
1242 ULONG_PTR PrefixLen;
1243 UCHAR Prefix[NEGOTIATE_MAX_PREFIX ];
1244 } NEGOTIATE_PACKAGE_PREFIX,*PNEGOTIATE_PACKAGE_PREFIX;
1245
1246 typedef struct _NEGOTIATE_PACKAGE_PREFIXES {
1247 ULONG MessageType;
1248 ULONG PrefixCount;
1249 ULONG Offset;
1250 ULONG Pad;
1251 } NEGOTIATE_PACKAGE_PREFIXES,*PNEGOTIATE_PACKAGE_PREFIXES;
1252
1253 typedef struct _NEGOTIATE_CALLER_NAME_REQUEST {
1254 ULONG MessageType;
1255 LUID LogonId;
1256 } NEGOTIATE_CALLER_NAME_REQUEST,*PNEGOTIATE_CALLER_NAME_REQUEST;
1257
1258 typedef struct _NEGOTIATE_CALLER_NAME_RESPONSE {
1259 ULONG MessageType;
1260 PWSTR CallerName;
1261 } NEGOTIATE_CALLER_NAME_RESPONSE,*PNEGOTIATE_CALLER_NAME_RESPONSE;
1262
1263#ifndef _NTDEF_
1264#ifndef __UNICODE_STRING_DEFINED
1265#define __UNICODE_STRING_DEFINED
1266 typedef LSA_UNICODE_STRING UNICODE_STRING,*PUNICODE_STRING;
1267#endif
1268#ifndef __STRING_DEFINED
1269#define __STRING_DEFINED
1270 typedef LSA_STRING STRING,*PSTRING;
1271#endif
1272#endif
1273
1274#ifndef _DOMAIN_PASSWORD_INFORMATION_DEFINED
1275#define _DOMAIN_PASSWORD_INFORMATION_DEFINED
1276 typedef struct _DOMAIN_PASSWORD_INFORMATION {
1277 USHORT MinPasswordLength;
1278 USHORT PasswordHistoryLength;
1279 ULONG PasswordProperties;
1280 LARGE_INTEGER MaxPasswordAge;
1281 LARGE_INTEGER MinPasswordAge;
1282 } DOMAIN_PASSWORD_INFORMATION,*PDOMAIN_PASSWORD_INFORMATION;
1283#endif
1284
1285#define DOMAIN_PASSWORD_COMPLEX __MSABI_LONG(0x00000001)
1286#define DOMAIN_PASSWORD_NO_ANON_CHANGE __MSABI_LONG(0x00000002)
1287#define DOMAIN_PASSWORD_NO_CLEAR_CHANGE __MSABI_LONG(0x00000004)
1288#define DOMAIN_LOCKOUT_ADMINS __MSABI_LONG(0x00000008)
1289#define DOMAIN_PASSWORD_STORE_CLEARTEXT __MSABI_LONG(0x00000010)
1290#define DOMAIN_REFUSE_PASSWORD_CHANGE __MSABI_LONG(0x00000020)
1291
1292#if _WIN32_WINNT >= 0x0502
1293#define DOMAIN_NO_LM_OWF_CHANGE __MSABI_LONG(0x00000040)
1294#endif
1295
1296#ifndef _PASSWORD_NOTIFICATION_DEFINED
1297#define _PASSWORD_NOTIFICATION_DEFINED
1298 typedef NTSTATUS (*PSAM_PASSWORD_NOTIFICATION_ROUTINE)(PUNICODE_STRING UserName,ULONG RelativeId,PUNICODE_STRING NewPassword);
1299
1300#define SAM_PASSWORD_CHANGE_NOTIFY_ROUTINE "PasswordChangeNotify"
1301
1302 typedef BOOLEAN (*PSAM_INIT_NOTIFICATION_ROUTINE)();
1303
1304#define SAM_INIT_NOTIFICATION_ROUTINE "InitializeChangeNotify"
1305#define SAM_PASSWORD_FILTER_ROUTINE "PasswordFilter"
1306
1307 typedef BOOLEAN (*PSAM_PASSWORD_FILTER_ROUTINE)(PUNICODE_STRING AccountName,PUNICODE_STRING FullName,PUNICODE_STRING Password,BOOLEAN SetOperation);
1308#endif
1309
1310#define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
1311#define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
1312#define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
1313
1314#define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
1315#define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
1316
1317 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE {
1318 MsV1_0InteractiveLogon = 2,
1319 MsV1_0Lm20Logon,
1320 MsV1_0NetworkLogon,
1321 MsV1_0SubAuthLogon,
1322 MsV1_0WorkstationUnlockLogon = 7,
1323 MsV1_0S4ULogon = 12,
1324 MsV1_0VirtualLogon = 82,
1325 MsV1_0NoElevationLogon,
1326 MsV1_0LuidLogon
1327 } MSV1_0_LOGON_SUBMIT_TYPE,*PMSV1_0_LOGON_SUBMIT_TYPE;
1328
1329 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE {
1330 MsV1_0InteractiveProfile = 2,MsV1_0Lm20LogonProfile,MsV1_0SmartCardProfile
1331 } MSV1_0_PROFILE_BUFFER_TYPE,*PMSV1_0_PROFILE_BUFFER_TYPE;
1332
1333 typedef struct _MSV1_0_INTERACTIVE_LOGON {
1334 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
1335 UNICODE_STRING LogonDomainName;
1336 UNICODE_STRING UserName;
1337 UNICODE_STRING Password;
1338 } MSV1_0_INTERACTIVE_LOGON,*PMSV1_0_INTERACTIVE_LOGON;
1339
1340 typedef struct _MSV1_0_INTERACTIVE_PROFILE {
1341 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
1342 USHORT LogonCount;
1343 USHORT BadPasswordCount;
1344 LARGE_INTEGER LogonTime;
1345 LARGE_INTEGER LogoffTime;
1346 LARGE_INTEGER KickOffTime;
1347 LARGE_INTEGER PasswordLastSet;
1348 LARGE_INTEGER PasswordCanChange;
1349 LARGE_INTEGER PasswordMustChange;
1350 UNICODE_STRING LogonScript;
1351 UNICODE_STRING HomeDirectory;
1352 UNICODE_STRING FullName;
1353 UNICODE_STRING ProfilePath;
1354 UNICODE_STRING HomeDirectoryDrive;
1355 UNICODE_STRING LogonServer;
1356 ULONG UserFlags;
1357 } MSV1_0_INTERACTIVE_PROFILE,*PMSV1_0_INTERACTIVE_PROFILE;
1358
1359#define MSV1_0_CHALLENGE_LENGTH 8
1360#define MSV1_0_USER_SESSION_KEY_LENGTH 16
1361#define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
1362
1363#define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
1364#define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
1365#define MSV1_0_RETURN_USER_PARAMETERS 0x08
1366#define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
1367#define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
1368#define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
1369
1370#define MSV1_0_USE_CLIENT_CHALLENGE 0x80
1371#define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
1372#define MSV1_0_RETURN_PROFILE_PATH 0x200
1373#define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
1374#define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
1375#define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
1376#define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
1377#define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
1378#define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
1379#define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
1380#define MSV1_0_ALLOW_MSVCHAPV2 0x00010000
1381
1382#if _WIN32_WINNT >= 0x0600
1383#define MSV1_0_S4U2SELF 0x00020000
1384#define MSV1_0_CHECK_LOGONHOURS_FOR_S4U 0x00040000
1385#endif
1386
1387#if _WIN32_WINNT >= 0x0602
1388#define MSV1_0_INTERNET_DOMAIN 0x00080000
1389#endif
1390
1391#define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
1392#define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
1393#define MSV1_0_MNS_LOGON 0x01000000
1394
1395#define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
1396#define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
1397
1398 typedef struct _MSV1_0_LM20_LOGON {
1399 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
1400 UNICODE_STRING LogonDomainName;
1401 UNICODE_STRING UserName;
1402 UNICODE_STRING Workstation;
1403 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1404 STRING CaseSensitiveChallengeResponse;
1405 STRING CaseInsensitiveChallengeResponse;
1406 ULONG ParameterControl;
1407 } MSV1_0_LM20_LOGON,*PMSV1_0_LM20_LOGON;
1408
1409 typedef struct _MSV1_0_SUBAUTH_LOGON{
1410 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
1411 UNICODE_STRING LogonDomainName;
1412 UNICODE_STRING UserName;
1413 UNICODE_STRING Workstation;
1414 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1415 STRING AuthenticationInfo1;
1416 STRING AuthenticationInfo2;
1417 ULONG ParameterControl;
1418 ULONG SubAuthPackageId;
1419 } MSV1_0_SUBAUTH_LOGON,*PMSV1_0_SUBAUTH_LOGON;
1420
1421#if _WIN32_WINNT >= 0x0600
1422
1423#define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
1424
1425 typedef struct _MSV1_0_S4U_LOGON {
1426 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
1427 ULONG Flags;
1428 UNICODE_STRING UserPrincipalName;
1429 UNICODE_STRING DomainName;
1430 } MSV1_0_S4U_LOGON, *PMSV1_0_S4U_LOGON;
1431
1432#endif
1433
1434#define LOGON_GUEST 0x01
1435#define LOGON_NOENCRYPTION 0x02
1436#define LOGON_CACHED_ACCOUNT 0x04
1437#define LOGON_USED_LM_PASSWORD 0x08
1438#define LOGON_EXTRA_SIDS 0x20
1439#define LOGON_SUBAUTH_SESSION_KEY 0x40
1440#define LOGON_SERVER_TRUST_ACCOUNT 0x80
1441#define LOGON_NTLMV2_ENABLED 0x100
1442#define LOGON_RESOURCE_GROUPS 0x200
1443#define LOGON_PROFILE_PATH_RETURNED 0x400
1444#define LOGON_NT_V2 0x800
1445#define LOGON_LM_V2 0x1000
1446#define LOGON_NTLM_V2 0x2000
1447
1448#if _WIN32_WINNT >= 0x0600
1449#define LOGON_OPTIMIZED 0x4000
1450#define LOGON_WINLOGON 0x8000
1451#define LOGON_PKINIT 0x10000
1452#define LOGON_NO_OPTIMIZED 0x20000
1453#endif
1454
1455#if _WIN32_WINNT >= 0x0602
1456#define LOGON_NO_ELEVATION 0x40000
1457#define LOGON_MANAGED_SERVICE 0x80000
1458#endif
1459
1460#define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
1461
1462#define LOGON_GRACE_LOGON 0x01000000
1463
1464 typedef struct _MSV1_0_LM20_LOGON_PROFILE {
1465 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
1466 LARGE_INTEGER KickOffTime;
1467 LARGE_INTEGER LogoffTime;
1468 ULONG UserFlags;
1469 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
1470 UNICODE_STRING LogonDomainName;
1471 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
1472 UNICODE_STRING LogonServer;
1473 UNICODE_STRING UserParameters;
1474 } MSV1_0_LM20_LOGON_PROFILE,*PMSV1_0_LM20_LOGON_PROFILE;
1475
1476#define MSV1_0_OWF_PASSWORD_LENGTH 16
1477#define MSV1_0_SHA_PASSWORD_LENGTH 20
1478#define MSV1_0_CREDENTIAL_KEY_LENGTH 20
1479#define MSV1_0_CRED_LM_PRESENT 0x1
1480#define MSV1_0_CRED_NT_PRESENT 0x2
1481#define MSV1_0_CRED_REMOVED 0x4
1482#define MSV1_0_CRED_CREDKEY_PRESENT 0x8
1483#define MSV1_0_CRED_SHA_PRESENT 0x10
1484
1485#define MSV1_0_CRED_VERSION 0
1486#define MSV1_0_CRED_VERSION_V2 2
1487#define MSV1_0_CRED_VERSION_V3 4
1488#define MSV1_0_CRED_VERSION_IUM 0xffff0001
1489#define MSV1_0_CRED_VERSION_REMOTE 0xffff0002
1490#define MSV1_0_CRED_VERSION_ARSO 0xffff0003
1491#define MSV1_0_CRED_VERSION_RESERVED_1 0xfffffffe
1492#define MSV1_0_CRED_VERSION_INVALID 0xffffffff
1493
1494 typedef enum _MSV1_0_CREDENTIAL_KEY_TYPE {
1495 InvalidCredKey,
1496 DeprecatedIUMCredKey,
1497 DomainUserCredKey,
1498 LocalUserCredKey,
1499 ExternallySuppliedCredKey
1500 } MSV1_0_CREDENTIAL_KEY_TYPE;
1501
1502 typedef struct _MSV1_0_CREDENTIAL_KEY {
1503 UCHAR Data[MSV1_0_CREDENTIAL_KEY_LENGTH];
1504 } MSV1_0_CREDENTIAL_KEY, *PMSV1_0_CREDENTIAL_KEY;
1505
1506 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
1507 ULONG Version;
1508 ULONG Flags;
1509 UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH];
1510 UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
1511 } MSV1_0_SUPPLEMENTAL_CREDENTIAL,*PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
1512
1513 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL_V2 {
1514 ULONG Version;
1515 ULONG Flags;
1516 UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
1517 MSV1_0_CREDENTIAL_KEY CredentialKey;
1518 } MSV1_0_SUPPLEMENTAL_CREDENTIAL_V2, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL_V2;
1519
1520 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL_V3 {
1521 ULONG Version;
1522 ULONG Flags;
1523 MSV1_0_CREDENTIAL_KEY_TYPE CredentialKeyType;
1524 UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
1525 MSV1_0_CREDENTIAL_KEY CredentialKey;
1526 UCHAR ShaPassword[MSV1_0_SHA_PASSWORD_LENGTH];
1527 } MSV1_0_SUPPLEMENTAL_CREDENTIAL_V3, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL_V3;
1528
1529 typedef struct _MSV1_0_IUM_SUPPLEMENTAL_CREDENTIAL {
1530 ULONG Version;
1531 ULONG EncryptedCredsSize;
1532 UCHAR EncryptedCreds[1];
1533 } MSV1_0_IUM_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_IUM_SUPPLEMENTAL_CREDENTIAL;
1534
1535#define MSV1_0_IUM_SUPPLEMENTAL_CREDENTIAL_SIZE(Creds) \
1536 (FIELD_OFFSET(MSV1_0_IUM_SUPPLEMENTAL_CREDENTIAL, EncryptedCreds) + (Creds)->EncryptedCredsSize)
1537
1538 typedef struct _MSV1_0_REMOTE_SUPPLEMENTAL_CREDENTIAL {
1539 ULONG Version;
1540 ULONG Flags;
1541 MSV1_0_CREDENTIAL_KEY CredentialKey;
1542 MSV1_0_CREDENTIAL_KEY_TYPE CredentialKeyType;
1543 ULONG EncryptedCredsSize;
1544 UCHAR EncryptedCreds[1];
1545 } MSV1_0_REMOTE_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_REMOTE_SUPPLEMENTAL_CREDENTIAL;
1546
1547#define MSV1_0_NTLM3_RESPONSE_LENGTH 16
1548#define MSV1_0_NTLM3_OWF_LENGTH 16
1549
1550#define MSV1_0_MAX_NTLM3_LIFE 129600
1551#define MSV1_0_MAX_AVL_SIZE 64000
1552
1553#define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
1554
1555#if _WIN32_WINNT >= 0x0600
1556#define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES 0x00000002
1557#endif
1558
1559#if _WIN32_WINNT >= 0x0601
1560#define MSV1_0_AV_FLAG_UNVERIFIED_TARGET 0x00000004
1561#endif
1562
1563 typedef struct _MSV1_0_NTLM3_RESPONSE {
1564 UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH];
1565 UCHAR RespType;
1566 UCHAR HiRespType;
1567 USHORT Flags;
1568 ULONG MsgWord;
1569 ULONGLONG TimeStamp;
1570 UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
1571 ULONG AvPairsOff;
1572 UCHAR Buffer[1];
1573 } MSV1_0_NTLM3_RESPONSE,*PMSV1_0_NTLM3_RESPONSE;
1574
1575#define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
1576#define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE,AvPairsOff)
1577
1578/* MsvAvSingleHost present in MS-NLMP specifications but not in WinSDK */
1579 typedef enum {
1580 MsvAvEOL,
1581 MsvAvNbComputerName,
1582 MsvAvNbDomainName,
1583 MsvAvDnsComputerName,
1584 MsvAvDnsDomainName
1585#if _WIN32_WINNT >= 0x0501
1586 ,MsvAvDnsTreeName
1587 ,MsvAvFlags
1588#if _WIN32_WINNT >= 0x0600
1589 ,MsvAvTimestamp
1590 ,MsvAvRestrictions
1591 ,MsvAvSingleHost = MsvAvRestrictions
1592 ,MsvAvTargetName
1593 ,MsvAvChannelBindings
1594#endif
1595#endif
1596 } MSV1_0_AVID;
1597
1598 typedef struct _MSV1_0_AV_PAIR {
1599 USHORT AvId;
1600 USHORT AvLen;
1601 } MSV1_0_AV_PAIR,*PMSV1_0_AV_PAIR;
1602
1603 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE {
1604 MsV1_0Lm20ChallengeRequest = 0,
1605 MsV1_0Lm20GetChallengeResponse,
1606 MsV1_0EnumerateUsers,
1607 MsV1_0GetUserInfo,
1608 MsV1_0ReLogonUsers,
1609 MsV1_0ChangePassword,
1610 MsV1_0ChangeCachedPassword,
1611 MsV1_0GenericPassthrough,
1612 MsV1_0CacheLogon,
1613 MsV1_0SubAuth,
1614 MsV1_0DeriveCredential,
1615 MsV1_0CacheLookup,
1616#if _WIN32_WINNT >= 0x0501
1617 MsV1_0SetProcessOption,
1618#endif
1619#if _WIN32_WINNT >= 0x0600
1620 MsV1_0ConfigLocalAliases,
1621 MsV1_0ClearCachedCredentials,
1622#endif
1623#if _WIN32_WINNT >= 0x0601
1624 MsV1_0LookupToken,
1625#endif
1626#if _WIN32_WINNT >= 0x0602
1627 MsV1_0ValidateAuth,
1628 MsV1_0CacheLookupEx,
1629 MsV1_0GetCredentialKey,
1630 MsV1_0SetThreadOption,
1631#endif
1632#if _WIN32_WINNT >= 0x0A00
1633 MsV1_0DecryptDpapiMasterKey,
1634 MsV1_0GetStrongCredentialKey,
1635 MsV1_0TransferCred,
1636 MsV1_0ProvisionTbal,
1637 MsV1_0DeleteTbalSecrets
1638#endif
1639 } MSV1_0_PROTOCOL_MESSAGE_TYPE,*PMSV1_0_PROTOCOL_MESSAGE_TYPE;
1640
1641 typedef struct _MSV1_0_CHANGEPASSWORD_REQUEST {
1642 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1643 UNICODE_STRING DomainName;
1644 UNICODE_STRING AccountName;
1645 UNICODE_STRING OldPassword;
1646 UNICODE_STRING NewPassword;
1647 BOOLEAN Impersonating;
1648 } MSV1_0_CHANGEPASSWORD_REQUEST,*PMSV1_0_CHANGEPASSWORD_REQUEST;
1649
1650 typedef struct _MSV1_0_CHANGEPASSWORD_RESPONSE {
1651 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1652 BOOLEAN PasswordInfoValid;
1653 DOMAIN_PASSWORD_INFORMATION DomainPasswordInfo;
1654 } MSV1_0_CHANGEPASSWORD_RESPONSE,*PMSV1_0_CHANGEPASSWORD_RESPONSE;
1655
1656 typedef struct _MSV1_0_PASSTHROUGH_REQUEST {
1657 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1658 UNICODE_STRING DomainName;
1659 UNICODE_STRING PackageName;
1660 ULONG DataLength;
1661 PUCHAR LogonData;
1662 ULONG Pad;
1663 } MSV1_0_PASSTHROUGH_REQUEST,*PMSV1_0_PASSTHROUGH_REQUEST;
1664
1665 typedef struct _MSV1_0_PASSTHROUGH_RESPONSE {
1666 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1667 ULONG Pad;
1668 ULONG DataLength;
1669 PUCHAR ValidationData;
1670 } MSV1_0_PASSTHROUGH_RESPONSE,*PMSV1_0_PASSTHROUGH_RESPONSE;
1671
1672 typedef struct _MSV1_0_SUBAUTH_REQUEST{
1673 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1674 ULONG SubAuthPackageId;
1675 ULONG SubAuthInfoLength;
1676 PUCHAR SubAuthSubmitBuffer;
1677 } MSV1_0_SUBAUTH_REQUEST,*PMSV1_0_SUBAUTH_REQUEST;
1678
1679 typedef struct _MSV1_0_SUBAUTH_RESPONSE{
1680 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1681 ULONG SubAuthInfoLength;
1682 PUCHAR SubAuthReturnBuffer;
1683 } MSV1_0_SUBAUTH_RESPONSE,*PMSV1_0_SUBAUTH_RESPONSE;
1684
1685#define RtlGenRandom SystemFunction036
1686#define RtlEncryptMemory SystemFunction040
1687#define RtlDecryptMemory SystemFunction041
1688
1689 BOOLEAN WINAPI RtlGenRandom(PVOID RandomBuffer,ULONG RandomBufferLength);
1690
1691#define RTL_ENCRYPT_MEMORY_SIZE 8
1692#define RTL_ENCRYPT_OPTION_CROSS_PROCESS 0x01
1693#define RTL_ENCRYPT_OPTION_SAME_LOGON 0x02
1694#define RTL_ENCRYPT_OPTION_FOR_SYSTEM 0x04
1695
1696 NTSTATUS WINAPI RtlEncryptMemory(PVOID Memory,ULONG MemorySize,ULONG OptionFlags);
1697 NTSTATUS WINAPI RtlDecryptMemory(PVOID Memory,ULONG MemorySize,ULONG OptionFlags);
1698
1699#define KERBEROS_VERSION 5
1700#define KERBEROS_REVISION 6
1701
1702#define KERB_ETYPE_NULL 0
1703#define KERB_ETYPE_DES_CBC_CRC 1
1704#define KERB_ETYPE_DES_CBC_MD4 2
1705#define KERB_ETYPE_DES_CBC_MD5 3
1706#define KERB_ETYPE_AES128_CTS_HMAC_SHA1_96 17
1707#define KERB_ETYPE_AES256_CTS_HMAC_SHA1_96 18
1708
1709#define KERB_ETYPE_RC4_MD4 -128
1710#define KERB_ETYPE_RC4_PLAIN2 -129
1711#define KERB_ETYPE_RC4_LM -130
1712#define KERB_ETYPE_RC4_SHA -131
1713#define KERB_ETYPE_DES_PLAIN -132
1714#define KERB_ETYPE_RC4_HMAC_OLD -133
1715#define KERB_ETYPE_RC4_PLAIN_OLD -134
1716#define KERB_ETYPE_RC4_HMAC_OLD_EXP -135
1717#define KERB_ETYPE_RC4_PLAIN_OLD_EXP -136
1718#define KERB_ETYPE_RC4_PLAIN -140
1719#define KERB_ETYPE_RC4_PLAIN_EXP -141
1720#define KERB_ETYPE_AES128_CTS_HMAC_SHA1_96_PLAIN -148
1721#define KERB_ETYPE_AES256_CTS_HMAC_SHA1_96_PLAIN -149
1722
1723#define KERB_ETYPE_DSA_SHA1_CMS 9
1724#define KERB_ETYPE_RSA_MD5_CMS 10
1725#define KERB_ETYPE_RSA_SHA1_CMS 11
1726#define KERB_ETYPE_RC2_CBC_ENV 12
1727#define KERB_ETYPE_RSA_ENV 13
1728#define KERB_ETYPE_RSA_ES_OEAP_ENV 14
1729#define KERB_ETYPE_DES_EDE3_CBC_ENV 15
1730
1731#define KERB_ETYPE_DSA_SIGN 8
1732#define KERB_ETYPE_RSA_PRIV 9
1733#define KERB_ETYPE_RSA_PUB 10
1734#define KERB_ETYPE_RSA_PUB_MD5 11
1735#define KERB_ETYPE_RSA_PUB_SHA1 12
1736#define KERB_ETYPE_PKCS7_PUB 13
1737
1738#define KERB_ETYPE_DES3_CBC_MD5 5
1739#define KERB_ETYPE_DES3_CBC_SHA1 7
1740#define KERB_ETYPE_DES3_CBC_SHA1_KD 16
1741
1742#define KERB_ETYPE_DES_CBC_MD5_NT 20
1743#define KERB_ETYPE_RC4_HMAC_NT 23
1744#define KERB_ETYPE_RC4_HMAC_NT_EXP 24
1745
1746#define KERB_CHECKSUM_NONE 0
1747#define KERB_CHECKSUM_CRC32 1
1748#define KERB_CHECKSUM_MD4 2
1749#define KERB_CHECKSUM_KRB_DES_MAC 4
1750#define KERB_CHECKSUM_KRB_DES_MAC_K 5
1751#define KERB_CHECKSUM_MD5 7
1752#define KERB_CHECKSUM_MD5_DES 8
1753#define KERB_CHECKSUM_SHA1_NEW 14
1754#define KERB_CHECKSUM_HMAC_SHA1_96_AES128 15
1755#define KERB_CHECKSUM_HMAC_SHA1_96_AES256 16
1756
1757#define KERB_CHECKSUM_LM -130
1758#define KERB_CHECKSUM_SHA1 -131
1759#define KERB_CHECKSUM_REAL_CRC32 -132
1760#define KERB_CHECKSUM_DES_MAC -133
1761#define KERB_CHECKSUM_DES_MAC_MD5 -134
1762#define KERB_CHECKSUM_MD25 -135
1763#define KERB_CHECKSUM_RC4_MD5 -136
1764#define KERB_CHECKSUM_MD5_HMAC -137
1765#define KERB_CHECKSUM_HMAC_MD5 -138
1766#define KERB_CHECKSUM_HMAC_SHA1_96_AES128_Ki -150
1767#define KERB_CHECKSUM_HMAC_SHA1_96_AES256_Ki -151
1768
1769#define AUTH_REQ_ALLOW_FORWARDABLE 0x00000001
1770#define AUTH_REQ_ALLOW_PROXIABLE 0x00000002
1771#define AUTH_REQ_ALLOW_POSTDATE 0x00000004
1772#define AUTH_REQ_ALLOW_RENEWABLE 0x00000008
1773#define AUTH_REQ_ALLOW_NOADDRESS 0x00000010
1774#define AUTH_REQ_ALLOW_ENC_TKT_IN_SKEY 0x00000020
1775#define AUTH_REQ_ALLOW_VALIDATE 0x00000040
1776#define AUTH_REQ_VALIDATE_CLIENT 0x00000080
1777#define AUTH_REQ_OK_AS_DELEGATE 0x00000100
1778#define AUTH_REQ_PREAUTH_REQUIRED 0x00000200
1779#define AUTH_REQ_TRANSITIVE_TRUST 0x00000400
1780#define AUTH_REQ_ALLOW_S4U_DELEGATE 0x00000800
1781
1782#define AUTH_REQ_PER_USER_FLAGS (AUTH_REQ_ALLOW_FORWARDABLE | AUTH_REQ_ALLOW_PROXIABLE | AUTH_REQ_ALLOW_POSTDATE | AUTH_REQ_ALLOW_RENEWABLE | AUTH_REQ_ALLOW_VALIDATE)
1783
1784#define KERB_TICKET_FLAGS_reserved 0x80000000
1785#define KERB_TICKET_FLAGS_forwardable 0x40000000
1786#define KERB_TICKET_FLAGS_forwarded 0x20000000
1787#define KERB_TICKET_FLAGS_proxiable 0x10000000
1788#define KERB_TICKET_FLAGS_proxy 0x08000000
1789#define KERB_TICKET_FLAGS_may_postdate 0x04000000
1790#define KERB_TICKET_FLAGS_postdated 0x02000000
1791#define KERB_TICKET_FLAGS_invalid 0x01000000
1792#define KERB_TICKET_FLAGS_renewable 0x00800000
1793#define KERB_TICKET_FLAGS_initial 0x00400000
1794#define KERB_TICKET_FLAGS_pre_authent 0x00200000
1795#define KERB_TICKET_FLAGS_hw_authent 0x00100000
1796#define KERB_TICKET_FLAGS_ok_as_delegate 0x00040000
1797#define KERB_TICKET_FLAGS_name_canonicalize 0x00010000
1798#if _WIN32_WINNT == 0x0501
1799#define KERB_TICKET_FLAGS_cname_in_pa_data 0x00040000
1800#endif
1801#define KERB_TICKET_FLAGS_enc_pa_rep 0x00010000
1802#define KERB_TICKET_FLAGS_reserved1 0x00000001
1803
1804#define KRB_NT_UNKNOWN 0
1805#define KRB_NT_PRINCIPAL 1
1806#define KRB_NT_PRINCIPAL_AND_ID -131
1807#define KRB_NT_SRV_INST 2
1808#define KRB_NT_SRV_INST_AND_ID -132
1809#define KRB_NT_SRV_HST 3
1810#define KRB_NT_SRV_XHST 4
1811#define KRB_NT_UID 5
1812#define KRB_NT_ENTERPRISE_PRINCIPAL 10
1813#define KRB_NT_WELLKNOWN 11
1814#define KRB_NT_MS_BRANCH_ID -133
1815#define KRB_NT_ENT_PRINCIPAL_AND_ID -130
1816#define KRB_NT_MS_PRINCIPAL -128
1817#define KRB_NT_MS_PRINCIPAL_AND_ID -129
1818
1819#define KERB_IS_MS_PRINCIPAL(_x_) (((_x_) <= KRB_NT_MS_PRINCIPAL) || ((_x_) >= KRB_NT_ENTERPRISE_PRINCIPAL))
1820
1821#if _WIN32_WINNT >= 0x0600
1822#define KRB_NT_X500_PRINCIPAL 6
1823#endif
1824
1825#define KRB_WELLKNOWN_STRING L"WELLKNOWN"
1826#define KRB_ANONYMOUS_STRING L"ANONYMOUS"
1827
1828#ifndef MICROSOFT_KERBEROS_NAME_A
1829
1830#define MICROSOFT_KERBEROS_NAME_A "Kerberos"
1831#define MICROSOFT_KERBEROS_NAME_W L"Kerberos"
1832#ifdef WIN32_CHICAGO
1833#define MICROSOFT_KERBEROS_NAME MICROSOFT_KERBEROS_NAME_A
1834#else
1835#define MICROSOFT_KERBEROS_NAME MICROSOFT_KERBEROS_NAME_W
1836#endif
1837#endif
1838
1839#define KERB_WRAP_NO_ENCRYPT 0x80000001
1840
1841 typedef enum _KERB_LOGON_SUBMIT_TYPE {
1842 KerbInteractiveLogon = 2,
1843 KerbSmartCardLogon = 6,
1844 KerbWorkstationUnlockLogon = 7,
1845 KerbSmartCardUnlockLogon = 8,
1846 KerbProxyLogon = 9,
1847 KerbTicketLogon = 10,
1848 KerbTicketUnlockLogon = 11,
1849 KerbS4ULogon = 12,
1850#if (_WIN32_WINNT >= 0x0600)
1851 KerbCertificateLogon = 13,
1852 KerbCertificateS4ULogon = 14,
1853 KerbCertificateUnlockLogon = 15,
1854#endif
1855#if (_WIN32_WINNT >= 0x0602)
1856 KerbNoElevationLogon = 83,
1857 KerbLuidLogon = 84
1858#endif
1859 } KERB_LOGON_SUBMIT_TYPE,*PKERB_LOGON_SUBMIT_TYPE;
1860
1861 typedef struct _KERB_INTERACTIVE_LOGON {
1862 KERB_LOGON_SUBMIT_TYPE MessageType;
1863 UNICODE_STRING LogonDomainName;
1864 UNICODE_STRING UserName;
1865 UNICODE_STRING Password;
1866 } KERB_INTERACTIVE_LOGON,*PKERB_INTERACTIVE_LOGON;
1867
1868 typedef struct _KERB_INTERACTIVE_UNLOCK_LOGON {
1869 KERB_INTERACTIVE_LOGON Logon;
1870 LUID LogonId;
1871 } KERB_INTERACTIVE_UNLOCK_LOGON,*PKERB_INTERACTIVE_UNLOCK_LOGON;
1872
1873 typedef struct _KERB_SMART_CARD_LOGON {
1874 KERB_LOGON_SUBMIT_TYPE MessageType;
1875 UNICODE_STRING Pin;
1876 ULONG CspDataLength;
1877 PUCHAR CspData;
1878 } KERB_SMART_CARD_LOGON,*PKERB_SMART_CARD_LOGON;
1879
1880 typedef struct _KERB_SMART_CARD_UNLOCK_LOGON {
1881 KERB_SMART_CARD_LOGON Logon;
1882 LUID LogonId;
1883 } KERB_SMART_CARD_UNLOCK_LOGON,*PKERB_SMART_CARD_UNLOCK_LOGON;
1884
1885 typedef struct _KERB_TICKET_LOGON {
1886 KERB_LOGON_SUBMIT_TYPE MessageType;
1887 ULONG Flags;
1888 ULONG ServiceTicketLength;
1889 ULONG TicketGrantingTicketLength;
1890 PUCHAR ServiceTicket;
1891 PUCHAR TicketGrantingTicket;
1892 } KERB_TICKET_LOGON,*PKERB_TICKET_LOGON;
1893
1894#define KERB_LOGON_FLAG_ALLOW_EXPIRED_TICKET 0x1
1895#define KERB_LOGON_FLAG_REDIRECTED 0x2
1896
1897 typedef struct _KERB_TICKET_UNLOCK_LOGON {
1898 KERB_TICKET_LOGON Logon;
1899 LUID LogonId;
1900 } KERB_TICKET_UNLOCK_LOGON,*PKERB_TICKET_UNLOCK_LOGON;
1901
1902#if _WIN32_WINNT >= 0x0600
1903#define KERB_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
1904#define KERB_S4U_LOGON_FLAG_IDENTIFY 0x8
1905#endif
1906
1907 typedef struct _KERB_S4U_LOGON {
1908 KERB_LOGON_SUBMIT_TYPE MessageType;
1909 ULONG Flags;
1910 UNICODE_STRING ClientUpn;
1911 UNICODE_STRING ClientRealm;
1912 } KERB_S4U_LOGON,*PKERB_S4U_LOGON;
1913
1914 typedef enum _KERB_PROFILE_BUFFER_TYPE {
1915 KerbInteractiveProfile = 2,KerbSmartCardProfile = 4,KerbTicketProfile = 6
1916 } KERB_PROFILE_BUFFER_TYPE,*PKERB_PROFILE_BUFFER_TYPE;
1917
1918 typedef struct _KERB_INTERACTIVE_PROFILE {
1919 KERB_PROFILE_BUFFER_TYPE MessageType;
1920 USHORT LogonCount;
1921 USHORT BadPasswordCount;
1922 LARGE_INTEGER LogonTime;
1923 LARGE_INTEGER LogoffTime;
1924 LARGE_INTEGER KickOffTime;
1925 LARGE_INTEGER PasswordLastSet;
1926 LARGE_INTEGER PasswordCanChange;
1927 LARGE_INTEGER PasswordMustChange;
1928 UNICODE_STRING LogonScript;
1929 UNICODE_STRING HomeDirectory;
1930 UNICODE_STRING FullName;
1931 UNICODE_STRING ProfilePath;
1932 UNICODE_STRING HomeDirectoryDrive;
1933 UNICODE_STRING LogonServer;
1934 ULONG UserFlags;
1935 } KERB_INTERACTIVE_PROFILE,*PKERB_INTERACTIVE_PROFILE;
1936
1937 typedef struct _KERB_SMART_CARD_PROFILE {
1938 KERB_INTERACTIVE_PROFILE Profile;
1939 ULONG CertificateSize;
1940 PUCHAR CertificateData;
1941 } KERB_SMART_CARD_PROFILE,*PKERB_SMART_CARD_PROFILE;
1942
1943 typedef struct KERB_CRYPTO_KEY {
1944 LONG KeyType;
1945 ULONG Length;
1946 PUCHAR Value;
1947 } KERB_CRYPTO_KEY,*PKERB_CRYPTO_KEY;
1948
1949 typedef struct KERB_CRYPTO_KEY32 {
1950 LONG KeyType;
1951 ULONG Length;
1952 ULONG Offset;
1953 } KERB_CRYPTO_KEY32,*PKERB_CRYPTO_KEY32;
1954
1955 typedef struct _KERB_TICKET_PROFILE {
1956 KERB_INTERACTIVE_PROFILE Profile;
1957 KERB_CRYPTO_KEY SessionKey;
1958 } KERB_TICKET_PROFILE,*PKERB_TICKET_PROFILE;
1959
1960 typedef enum _KERB_PROTOCOL_MESSAGE_TYPE {
1961 KerbDebugRequestMessage = 0,
1962 KerbQueryTicketCacheMessage,
1963 KerbChangeMachinePasswordMessage,
1964 KerbVerifyPacMessage,
1965 KerbRetrieveTicketMessage,
1966 KerbUpdateAddressesMessage,
1967 KerbPurgeTicketCacheMessage,
1968 KerbChangePasswordMessage,
1969 KerbRetrieveEncodedTicketMessage,
1970 KerbDecryptDataMessage,
1971 KerbAddBindingCacheEntryMessage,
1972 KerbSetPasswordMessage,
1973 KerbSetPasswordExMessage,
1974#if _WIN32_WINNT >= 0x0501
1975 KerbVerifyCredentialsMessage,
1976 KerbQueryTicketCacheExMessage,
1977 KerbPurgeTicketCacheExMessage,
1978#endif
1979#if _WIN32_WINNT >= 0x0502
1980 KerbRefreshSmartcardCredentialsMessage,
1981 KerbAddExtraCredentialsMessage,
1982 KerbQuerySupplementalCredentialsMessage,
1983#endif
1984#if _WIN32_WINNT >= 0x0600
1985 KerbTransferCredentialsMessage,
1986 KerbQueryTicketCacheEx2Message,
1987 KerbSubmitTicketMessage,
1988 KerbAddExtraCredentialsExMessage,
1989#endif
1990#if _WIN32_WINNT >= 0x0602
1991 KerbQueryKdcProxyCacheMessage,
1992 KerbPurgeKdcProxyCacheMessage,
1993 KerbQueryTicketCacheEx3Message,
1994 KerbCleanupMachinePkinitCredsMessage,
1995 KerbAddBindingCacheEntryExMessage,
1996 KerbQueryBindingCacheMessage,
1997 KerbPurgeBindingCacheMessage,
1998 KerbPinKdcMessage,
1999 KerbUnpinAllKdcsMessage,
2000 KerbQueryDomainExtendedPoliciesMessage,
2001 KerbQueryS4U2ProxyCacheMessage,
2002#endif
2003#if _WIN32_WINNT >= 0x0A00
2004 KerbRetrieveKeyTabMessage
2005#endif
2006 } KERB_PROTOCOL_MESSAGE_TYPE,*PKERB_PROTOCOL_MESSAGE_TYPE;
2007
2008 typedef struct _KERB_QUERY_TKT_CACHE_REQUEST {
2009 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2010 LUID LogonId;
2011 } KERB_QUERY_TKT_CACHE_REQUEST,*PKERB_QUERY_TKT_CACHE_REQUEST;
2012
2013 typedef struct _KERB_TICKET_CACHE_INFO {
2014 UNICODE_STRING ServerName;
2015 UNICODE_STRING RealmName;
2016 LARGE_INTEGER StartTime;
2017 LARGE_INTEGER EndTime;
2018 LARGE_INTEGER RenewTime;
2019 LONG EncryptionType;
2020 ULONG TicketFlags;
2021 } KERB_TICKET_CACHE_INFO,*PKERB_TICKET_CACHE_INFO;
2022
2023 typedef struct _KERB_TICKET_CACHE_INFO_EX {
2024 UNICODE_STRING ClientName;
2025 UNICODE_STRING ClientRealm;
2026 UNICODE_STRING ServerName;
2027 UNICODE_STRING ServerRealm;
2028 LARGE_INTEGER StartTime;
2029 LARGE_INTEGER EndTime;
2030 LARGE_INTEGER RenewTime;
2031 LONG EncryptionType;
2032 ULONG TicketFlags;
2033 } KERB_TICKET_CACHE_INFO_EX,*PKERB_TICKET_CACHE_INFO_EX;
2034
2035 typedef struct _KERB_TICKET_CACHE_INFO_EX2 {
2036 UNICODE_STRING ClientName;
2037 UNICODE_STRING ClientRealm;
2038 UNICODE_STRING ServerName;
2039 UNICODE_STRING ServerRealm;
2040 LARGE_INTEGER StartTime;
2041 LARGE_INTEGER EndTime;
2042 LARGE_INTEGER RenewTime;
2043 LONG EncryptionType;
2044 ULONG TicketFlags;
2045 ULONG SessionKeyType;
2046 } KERB_TICKET_CACHE_INFO_EX2,*PKERB_TICKET_CACHE_INFO_EX2;
2047
2048#if _WIN32_WINNT >= 0x0602
2049 typedef struct _KERB_TICKET_CACHE_INFO_EX3 {
2050 UNICODE_STRING ClientName;
2051 UNICODE_STRING ClientRealm;
2052 UNICODE_STRING ServerName;
2053 UNICODE_STRING ServerRealm;
2054 LARGE_INTEGER StartTime;
2055 LARGE_INTEGER EndTime;
2056 LARGE_INTEGER RenewTime;
2057 LONG EncryptionType;
2058 ULONG TicketFlags;
2059 ULONG SessionKeyType;
2060 ULONG BranchId;
2061 ULONG CacheFlags;
2062 UNICODE_STRING KdcCalled;
2063 } KERB_TICKET_CACHE_INFO_EX3, *PKERB_TICKET_CACHE_INFO_EX3;
2064#endif
2065
2066 typedef struct _KERB_QUERY_TKT_CACHE_RESPONSE {
2067 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2068 ULONG CountOfTickets;
2069 KERB_TICKET_CACHE_INFO Tickets[ANYSIZE_ARRAY];
2070 } KERB_QUERY_TKT_CACHE_RESPONSE,*PKERB_QUERY_TKT_CACHE_RESPONSE;
2071
2072 typedef struct _KERB_QUERY_TKT_CACHE_EX_RESPONSE {
2073 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2074 ULONG CountOfTickets;
2075 KERB_TICKET_CACHE_INFO_EX Tickets[ANYSIZE_ARRAY];
2076 } KERB_QUERY_TKT_CACHE_EX_RESPONSE,*PKERB_QUERY_TKT_CACHE_EX_RESPONSE;
2077
2078 typedef struct _KERB_QUERY_TKT_CACHE_EX2_RESPONSE {
2079 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2080 ULONG CountOfTickets;
2081 KERB_TICKET_CACHE_INFO_EX2 Tickets[ANYSIZE_ARRAY];
2082 } KERB_QUERY_TKT_CACHE_EX2_RESPONSE,*PKERB_QUERY_TKT_CACHE_EX2_RESPONSE;
2083
2084#if _WIN32_WINNT >= 0x0602
2085 typedef struct _KERB_QUERY_TKT_CACHE_EX3_RESPONSE {
2086 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2087 ULONG CountOfTickets;
2088 KERB_TICKET_CACHE_INFO_EX3 Tickets[ANYSIZE_ARRAY];
2089 } KERB_QUERY_TKT_CACHE_EX3_RESPONSE, *PKERB_QUERY_TKT_CACHE_EX3_RESPONSE;
2090#endif
2091
2092#ifndef __SECHANDLE_DEFINED__
2093 typedef struct _SecHandle {
2094 ULONG_PTR dwLower;
2095 ULONG_PTR dwUpper;
2096 } SecHandle,*PSecHandle;
2097
2098#define __SECHANDLE_DEFINED__
2099#endif
2100
2101#define KERB_USE_DEFAULT_TICKET_FLAGS 0x0
2102
2103#define KERB_RETRIEVE_TICKET_DEFAULT 0x0
2104#define KERB_RETRIEVE_TICKET_DONT_USE_CACHE 0x1
2105#define KERB_RETRIEVE_TICKET_USE_CACHE_ONLY 0x2
2106#define KERB_RETRIEVE_TICKET_USE_CREDHANDLE 0x4
2107#define KERB_RETRIEVE_TICKET_AS_KERB_CRED 0x8
2108#define KERB_RETRIEVE_TICKET_WITH_SEC_CRED 0x10
2109
2110#if _WIN32_WINNT >= 0x0600
2111#define KERB_RETRIEVE_TICKET_CACHE_TICKET 0x20
2112#endif
2113
2114#if _WIN32_WINNT >= 0x0601
2115#define KERB_RETRIEVE_TICKET_MAX_LIFETIME 0x40
2116#endif
2117
2118#define KERB_ETYPE_DEFAULT 0x0
2119
2120 typedef struct _KERB_AUTH_DATA {
2121 ULONG Type;
2122 ULONG Length;
2123 PUCHAR Data;
2124 } KERB_AUTH_DATA,*PKERB_AUTH_DATA;
2125
2126 typedef struct _KERB_NET_ADDRESS {
2127 ULONG Family;
2128 ULONG Length;
2129 PCHAR Address;
2130 } KERB_NET_ADDRESS,*PKERB_NET_ADDRESS;
2131
2132 typedef struct _KERB_NET_ADDRESSES {
2133 ULONG Number;
2134 KERB_NET_ADDRESS Addresses[ANYSIZE_ARRAY];
2135 } KERB_NET_ADDRESSES,*PKERB_NET_ADDRESSES;
2136
2137 typedef struct _KERB_EXTERNAL_NAME {
2138 SHORT NameType;
2139 USHORT NameCount;
2140 UNICODE_STRING Names[ANYSIZE_ARRAY];
2141 } KERB_EXTERNAL_NAME,*PKERB_EXTERNAL_NAME;
2142
2143 typedef struct _KERB_EXTERNAL_TICKET {
2144 PKERB_EXTERNAL_NAME ServiceName;
2145 PKERB_EXTERNAL_NAME TargetName;
2146 PKERB_EXTERNAL_NAME ClientName;
2147 UNICODE_STRING DomainName;
2148 UNICODE_STRING TargetDomainName;
2149 UNICODE_STRING AltTargetDomainName;
2150 KERB_CRYPTO_KEY SessionKey;
2151 ULONG TicketFlags;
2152 ULONG Flags;
2153 LARGE_INTEGER KeyExpirationTime;
2154 LARGE_INTEGER StartTime;
2155 LARGE_INTEGER EndTime;
2156 LARGE_INTEGER RenewUntil;
2157 LARGE_INTEGER TimeSkew;
2158 ULONG EncodedTicketSize;
2159 PUCHAR EncodedTicket;
2160 } KERB_EXTERNAL_TICKET,*PKERB_EXTERNAL_TICKET;
2161
2162 typedef struct _KERB_RETRIEVE_TKT_REQUEST {
2163 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2164 LUID LogonId;
2165 UNICODE_STRING TargetName;
2166 ULONG TicketFlags;
2167 ULONG CacheOptions;
2168 LONG EncryptionType;
2169 SecHandle CredentialsHandle;
2170 } KERB_RETRIEVE_TKT_REQUEST,*PKERB_RETRIEVE_TKT_REQUEST;
2171
2172 typedef struct _KERB_RETRIEVE_TKT_RESPONSE {
2173 KERB_EXTERNAL_TICKET Ticket;
2174 } KERB_RETRIEVE_TKT_RESPONSE,*PKERB_RETRIEVE_TKT_RESPONSE;
2175
2176 typedef struct _KERB_PURGE_TKT_CACHE_REQUEST {
2177 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2178 LUID LogonId;
2179 UNICODE_STRING ServerName;
2180 UNICODE_STRING RealmName;
2181 } KERB_PURGE_TKT_CACHE_REQUEST,*PKERB_PURGE_TKT_CACHE_REQUEST;
2182
2183#define KERB_PURGE_ALL_TICKETS 1
2184
2185 typedef struct _KERB_PURGE_TKT_CACHE_EX_REQUEST {
2186 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2187 LUID LogonId;
2188 ULONG Flags;
2189 KERB_TICKET_CACHE_INFO_EX TicketTemplate;
2190 } KERB_PURGE_TKT_CACHE_EX_REQUEST,*PKERB_PURGE_TKT_CACHE_EX_REQUEST;
2191
2192 typedef struct _KERB_SUBMIT_TKT_REQUEST {
2193 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2194 LUID LogonId;
2195 ULONG Flags;
2196 KERB_CRYPTO_KEY32 Key;
2197 ULONG KerbCredSize;
2198 ULONG KerbCredOffset;
2199 } KERB_SUBMIT_TKT_REQUEST, *PKERB_SUBMIT_TKT_REQUEST;
2200
2201#if _WIN32_WINNT >= 0x0602
2202
2203 typedef struct _KERB_QUERY_KDC_PROXY_CACHE_REQUEST {
2204 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2205 ULONG Flags;
2206 LUID LogonId;
2207 } KERB_QUERY_KDC_PROXY_CACHE_REQUEST, *PKERB_QUERY_KDC_PROXY_CACHE_REQUEST;
2208
2209 typedef struct _KDC_PROXY_CACHE_ENTRY_DATA {
2210 ULONG64 SinceLastUsed;
2211 UNICODE_STRING DomainName;
2212 UNICODE_STRING ProxyServerName;
2213 UNICODE_STRING ProxyServerVdir;
2214 USHORT ProxyServerPort;
2215 LUID LogonId;
2216 UNICODE_STRING CredUserName;
2217 UNICODE_STRING CredDomainName;
2218 BOOLEAN GlobalCache;
2219 } KDC_PROXY_CACHE_ENTRY_DATA, *PKDC_PROXY_CACHE_ENTRY_DATA;
2220
2221 typedef struct _KERB_QUERY_KDC_PROXY_CACHE_RESPONSE {
2222 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2223 ULONG CountOfEntries;
2224 PKDC_PROXY_CACHE_ENTRY_DATA Entries;
2225 } KERB_QUERY_KDC_PROXY_CACHE_RESPONSE, *PKERB_QUERY_KDC_PROXY_CACHE_RESPONSE;
2226
2227 typedef struct _KERB_PURGE_KDC_PROXY_CACHE_REQUEST {
2228 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2229 ULONG Flags;
2230 LUID LogonId;
2231 } KERB_PURGE_KDC_PROXY_CACHE_REQUEST, *PKERB_PURGE_KDC_PROXY_CACHE_REQUEST;
2232
2233 typedef struct _KERB_PURGE_KDC_PROXY_CACHE_RESPONSE {
2234 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2235 ULONG CountOfPurged;
2236 } KERB_PURGE_KDC_PROXY_CACHE_RESPONSE, *PKERB_PURGE_KDC_PROXY_CACHE_RESPONSE;
2237
2238#define KERB_S4U2PROXY_CACHE_ENTRY_INFO_FLAG_NEGATIVE 0x1
2239
2240 typedef struct _KERB_S4U2PROXY_CACHE_ENTRY_INFO {
2241 UNICODE_STRING ServerName;
2242 ULONG Flags;
2243 NTSTATUS LastStatus;
2244 LARGE_INTEGER Expiry;
2245 } KERB_S4U2PROXY_CACHE_ENTRY_INFO, *PKERB_S4U2PROXY_CACHE_ENTRY_INFO;
2246
2247#define KERB_S4U2PROXY_CRED_FLAG_NEGATIVE 0x1
2248
2249 typedef struct _KERB_S4U2PROXY_CRED {
2250 UNICODE_STRING UserName;
2251 UNICODE_STRING DomainName;
2252 ULONG Flags;
2253 NTSTATUS LastStatus;
2254 LARGE_INTEGER Expiry;
2255 ULONG CountOfEntries;
2256 PKERB_S4U2PROXY_CACHE_ENTRY_INFO Entries;
2257 } KERB_S4U2PROXY_CRED, *PKERB_S4U2PROXY_CRED;
2258
2259 typedef struct _KERB_QUERY_S4U2PROXY_CACHE_REQUEST {
2260 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2261 ULONG Flags;
2262 LUID LogonId;
2263 } KERB_QUERY_S4U2PROXY_CACHE_REQUEST, *PKERB_QUERY_S4U2PROXY_CACHE_REQUEST;
2264
2265 typedef struct _KERB_QUERY_S4U2PROXY_CACHE_RESPONSE {
2266 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2267 ULONG CountOfCreds;
2268 PKERB_S4U2PROXY_CRED Creds;
2269 } KERB_QUERY_S4U2PROXY_CACHE_RESPONSE, *PKERB_QUERY_S4U2PROXY_CACHE_RESPONSE;
2270
2271#endif
2272
2273#if _WIN32_WINNT >= 0x0A00
2274
2275 typedef struct _KERB_RETRIEVE_KEY_TAB_REQUEST {
2276 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2277 ULONG Flags;
2278 UNICODE_STRING UserName;
2279 UNICODE_STRING DomainName;
2280 UNICODE_STRING Password;
2281 } KERB_RETRIEVE_KEY_TAB_REQUEST, *PKERB_RETRIEVE_KEY_TAB_REQUEST;
2282
2283 typedef struct _KERB_RETRIEVE_KEY_TAB_RESPONSE {
2284 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2285 ULONG KeyTabLength;
2286 PUCHAR KeyTab;
2287 } KERB_RETRIEVE_KEY_TAB_RESPONSE, *PKERB_RETRIEVE_KEY_TAB_RESPONSE;
2288
2289#endif
2290
2291 typedef struct _KERB_CHANGEPASSWORD_REQUEST {
2292 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2293 UNICODE_STRING DomainName;
2294 UNICODE_STRING AccountName;
2295 UNICODE_STRING OldPassword;
2296 UNICODE_STRING NewPassword;
2297 BOOLEAN Impersonating;
2298 } KERB_CHANGEPASSWORD_REQUEST,*PKERB_CHANGEPASSWORD_REQUEST;
2299
2300 typedef struct _KERB_SETPASSWORD_REQUEST {
2301 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2302 LUID LogonId;
2303 SecHandle CredentialsHandle;
2304 ULONG Flags;
2305 UNICODE_STRING DomainName;
2306 UNICODE_STRING AccountName;
2307 UNICODE_STRING Password;
2308 } KERB_SETPASSWORD_REQUEST,*PKERB_SETPASSWORD_REQUEST;
2309
2310 typedef struct _KERB_SETPASSWORD_EX_REQUEST {
2311 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2312 LUID LogonId;
2313 SecHandle CredentialsHandle;
2314 ULONG Flags;
2315 UNICODE_STRING AccountRealm;
2316 UNICODE_STRING AccountName;
2317 UNICODE_STRING Password;
2318 UNICODE_STRING ClientRealm;
2319 UNICODE_STRING ClientName;
2320 BOOLEAN Impersonating;
2321 UNICODE_STRING KdcAddress;
2322 ULONG KdcAddressType;
2323 } KERB_SETPASSWORD_EX_REQUEST,*PKERB_SETPASSWORD_EX_REQUEST;
2324
2325#define DS_UNKNOWN_ADDRESS_TYPE 0
2326#define KERB_SETPASS_USE_LOGONID 1
2327#define KERB_SETPASS_USE_CREDHANDLE 2
2328
2329 typedef struct _KERB_DECRYPT_REQUEST {
2330 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2331 LUID LogonId;
2332 ULONG Flags;
2333 LONG CryptoType;
2334 LONG KeyUsage;
2335 KERB_CRYPTO_KEY Key;
2336 ULONG EncryptedDataSize;
2337 ULONG InitialVectorSize;
2338 PUCHAR InitialVector;
2339 PUCHAR EncryptedData;
2340 } KERB_DECRYPT_REQUEST,*PKERB_DECRYPT_REQUEST;
2341
2342#define KERB_DECRYPT_FLAG_DEFAULT_KEY 0x00000001
2343
2344 typedef struct _KERB_DECRYPT_RESPONSE {
2345 UCHAR DecryptedData[ANYSIZE_ARRAY];
2346 } KERB_DECRYPT_RESPONSE,*PKERB_DECRYPT_RESPONSE;
2347
2348 typedef struct _KERB_ADD_BINDING_CACHE_ENTRY_REQUEST {
2349 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2350 UNICODE_STRING RealmName;
2351 UNICODE_STRING KdcAddress;
2352 ULONG AddressType;
2353 } KERB_ADD_BINDING_CACHE_ENTRY_REQUEST,*PKERB_ADD_BINDING_CACHE_ENTRY_REQUEST;
2354
2355 typedef struct _KERB_REFRESH_SCCRED_REQUEST {
2356 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2357 UNICODE_STRING CredentialBlob;
2358 LUID LogonId;
2359 ULONG Flags;
2360 } KERB_REFRESH_SCCRED_REQUEST,*PKERB_REFRESH_SCCRED_REQUEST;
2361
2362#define KERB_REFRESH_SCCRED_RELEASE 0x0
2363#define KERB_REFRESH_SCCRED_GETTGT 0x1
2364
2365 typedef struct _KERB_ADD_CREDENTIALS_REQUEST {
2366 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2367 UNICODE_STRING UserName;
2368 UNICODE_STRING DomainName;
2369 UNICODE_STRING Password;
2370 LUID LogonId;
2371 ULONG Flags;
2372 } KERB_ADD_CREDENTIALS_REQUEST,*PKERB_ADD_CREDENTIALS_REQUEST;
2373
2374#define KERB_REQUEST_ADD_CREDENTIAL 1
2375#define KERB_REQUEST_REPLACE_CREDENTIAL 2
2376#define KERB_REQUEST_REMOVE_CREDENTIAL 4
2377
2378#if _WIN32_WINNT >= 0x0600
2379
2380 typedef struct _KERB_ADD_CREDENTIALS_REQUEST_EX {
2381 KERB_ADD_CREDENTIALS_REQUEST Credentials;
2382 ULONG PrincipalNameCount;
2383 UNICODE_STRING PrincipalNames[1];
2384 } KERB_ADD_CREDENTIALS_REQUEST_EX, *PKERB_ADD_CREDENTIALS_REQUEST_EX;
2385
2386#endif
2387
2388 typedef struct _KERB_TRANSFER_CRED_REQUEST {
2389 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2390 LUID OriginLogonId;
2391 LUID DestinationLogonId;
2392 ULONG Flags;
2393 } KERB_TRANSFER_CRED_REQUEST,*PKERB_TRANSFER_CRED_REQUEST;
2394
2395#define KERB_TRANSFER_CRED_WITH_TICKETS 1
2396#define KERB_TRANSFER_CRED_CLEANUP_CREDENTIALS 2
2397
2398#if _WIN32_WINNT >= 0x0602
2399
2400 typedef struct _KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST {
2401 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2402 LUID LogonId;
2403 } KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST, *PKERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST;
2404
2405 typedef struct _KERB_BINDING_CACHE_ENTRY_DATA {
2406 ULONG64 DiscoveryTime;
2407 UNICODE_STRING RealmName;
2408 UNICODE_STRING KdcAddress;
2409 ULONG AddressType;
2410 ULONG Flags;
2411 ULONG DcFlags;
2412 ULONG CacheFlags;
2413 UNICODE_STRING KdcName;
2414 } KERB_BINDING_CACHE_ENTRY_DATA, *PKERB_BINDING_CACHE_ENTRY_DATA;
2415
2416 typedef struct _KERB_QUERY_BINDING_CACHE_RESPONSE {
2417 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2418 ULONG CountOfEntries;
2419 PKERB_BINDING_CACHE_ENTRY_DATA Entries;
2420 } KERB_QUERY_BINDING_CACHE_RESPONSE, *PKERB_QUERY_BINDING_CACHE_RESPONSE;
2421
2422 typedef struct _KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST {
2423 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2424 UNICODE_STRING RealmName;
2425 UNICODE_STRING KdcAddress;
2426 ULONG AddressType;
2427 ULONG DcFlags;
2428 } KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST, *PKERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST;
2429
2430 typedef struct _KERB_QUERY_BINDING_CACHE_REQUEST {
2431 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2432 } KERB_QUERY_BINDING_CACHE_REQUEST, *PKERB_QUERY_BINDING_CACHE_REQUEST;
2433
2434 typedef struct _KERB_PURGE_BINDING_CACHE_REQUEST {
2435 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2436 } KERB_PURGE_BINDING_CACHE_REQUEST, *PKERB_PURGE_BINDING_CACHE_REQUEST;
2437
2438 typedef struct _KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST {
2439 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2440 ULONG Flags;
2441 UNICODE_STRING DomainName;
2442 } KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST, *PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST;
2443
2444#define KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE_FLAG_DAC_DISABLED 1
2445
2446 typedef struct _KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE {
2447 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2448 ULONG Flags;
2449 ULONG ExtendedPolicies;
2450 ULONG DsFlags;
2451 } KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE, *PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE;
2452
2453 typedef enum _KERB_CERTIFICATE_INFO_TYPE {
2454 CertHashInfo = 1,
2455 } KERB_CERTIFICATE_INFO_TYPE, *PKERB_CERTIFICATE_INFO_TYPE;
2456
2457 typedef struct _KERB_CERTIFICATE_HASHINFO {
2458 USHORT StoreNameLength;
2459 USHORT HashLength;
2460 } KERB_CERTIFICATE_HASHINFO, *PKERB_CERTIFICATE_HASHINFO;
2461
2462 typedef struct _KERB_CERTIFICATE_INFO {
2463 ULONG CertInfoSize;
2464 ULONG InfoType;
2465 } KERB_CERTIFICATE_INFO, *PKERB_CERTIFICATE_INFO;
2466
2467#endif
2468
2469#define PER_USER_POLICY_UNCHANGED 0x00
2470#define PER_USER_AUDIT_SUCCESS_INCLUDE 0x01
2471#define PER_USER_AUDIT_SUCCESS_EXCLUDE 0x02
2472#define PER_USER_AUDIT_FAILURE_INCLUDE 0x04
2473#define PER_USER_AUDIT_FAILURE_EXCLUDE 0x08
2474#define PER_USER_AUDIT_NONE 0x10
2475
2476#define VALID_PER_USER_AUDIT_POLICY_FLAG (PER_USER_AUDIT_SUCCESS_INCLUDE | PER_USER_AUDIT_SUCCESS_EXCLUDE | PER_USER_AUDIT_FAILURE_INCLUDE | PER_USER_AUDIT_FAILURE_EXCLUDE | PER_USER_AUDIT_NONE)
2477
2478 typedef struct _AUDIT_POLICY_INFORMATION {
2479 GUID AuditSubCategoryGuid;
2480 ULONG AuditingInformation;
2481 GUID AuditCategoryGuid;
2482 } AUDIT_POLICY_INFORMATION, *PAUDIT_POLICY_INFORMATION;
2483 typedef const PAUDIT_POLICY_INFORMATION PCAUDIT_POLICY_INFORMATION, LPCAUDIT_POLICY_INFORMATION;
2484
2485#define AUDIT_SET_SYSTEM_POLICY 0x0001
2486#define AUDIT_QUERY_SYSTEM_POLICY 0x0002
2487#define AUDIT_SET_USER_POLICY 0x0004
2488#define AUDIT_QUERY_USER_POLICY 0x0008
2489#define AUDIT_ENUMERATE_USERS 0x0010
2490#define AUDIT_SET_MISC_POLICY 0x0020
2491#define AUDIT_QUERY_MISC_POLICY 0x0040
2492
2493#define AUDIT_GENERIC_ALL (STANDARD_RIGHTS_REQUIRED | AUDIT_SET_SYSTEM_POLICY | AUDIT_QUERY_SYSTEM_POLICY | \
2494 AUDIT_SET_USER_POLICY | AUDIT_QUERY_USER_POLICY | AUDIT_ENUMERATE_USERS | \
2495 AUDIT_SET_MISC_POLICY | AUDIT_QUERY_MISC_POLICY)
2496
2497#define AUDIT_GENERIC_READ (STANDARD_RIGHTS_READ | AUDIT_QUERY_SYSTEM_POLICY | AUDIT_QUERY_USER_POLICY | \
2498 AUDIT_ENUMERATE_USERS | AUDIT_QUERY_MISC_POLICY)
2499
2500#define AUDIT_GENERIC_WRITE (STANDARD_RIGHTS_WRITE | AUDIT_SET_USER_POLICY | AUDIT_SET_MISC_POLICY | \
2501 AUDIT_SET_SYSTEM_POLICY)
2502
2503#define AUDIT_GENERIC_EXECUTE STANDARD_RIGHTS_EXECUTE
2504
2505 typedef struct _POLICY_AUDIT_SID_ARRAY {
2506 ULONG UsersCount;
2507 PSID *UserSidArray;
2508 } POLICY_AUDIT_SID_ARRAY, *PPOLICY_AUDIT_SID_ARRAY;
2509
2510#if _WIN32_WINNT >= 0x0600
2511
2512#define KERB_CERTIFICATE_LOGON_FLAG_CHECK_DUPLICATES 0x1
2513#define KERB_CERTIFICATE_LOGON_FLAG_USE_CERTIFICATE_INFO 0x2
2514
2515 typedef struct _KERB_CERTIFICATE_LOGON {
2516 KERB_LOGON_SUBMIT_TYPE MessageType;
2517 UNICODE_STRING DomainName;
2518 UNICODE_STRING UserName;
2519 UNICODE_STRING Pin;
2520 ULONG Flags;
2521 ULONG CspDataLength;
2522 PUCHAR CspData;
2523 } KERB_CERTIFICATE_LOGON, *PKERB_CERTIFICATE_LOGON;
2524
2525 typedef struct _KERB_CERTIFICATE_UNLOCK_LOGON {
2526 KERB_CERTIFICATE_LOGON Logon;
2527 LUID LogonId;
2528 } KERB_CERTIFICATE_UNLOCK_LOGON, *PKERB_CERTIFICATE_UNLOCK_LOGON;
2529
2530#define KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_DUPLICATES 0x1
2531#define KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
2532#define KERB_CERTIFICATE_S4U_LOGON_FLAG_FAIL_IF_NT_AUTH_POLICY_REQUIRED 0x4
2533#define KERB_CERTIFICATE_S4U_LOGON_FLAG_IDENTIFY 0x8
2534
2535 typedef struct _KERB_CERTIFICATE_S4U_LOGON {
2536 KERB_LOGON_SUBMIT_TYPE MessageType;
2537 ULONG Flags;
2538 UNICODE_STRING UserPrincipalName;
2539 UNICODE_STRING DomainName;
2540 ULONG CertificateLength;
2541 PUCHAR Certificate;
2542 } KERB_CERTIFICATE_S4U_LOGON, *PKERB_CERTIFICATE_S4U_LOGON;
2543
2544 typedef struct _KERB_SMARTCARD_CSP_INFO {
2545 DWORD dwCspInfoLen;
2546 DWORD MessageType;
2547 __C89_NAMELESS union {
2548 PVOID ContextInformation;
2549 ULONG64 SpaceHolderForWow64;
2550 };
2551 DWORD flags;
2552 DWORD KeySpec;
2553 ULONG nCardNameOffset;
2554 ULONG nReaderNameOffset;
2555 ULONG nContainerNameOffset;
2556 ULONG nCSPNameOffset;
2557 TCHAR bBuffer;
2558 } KERB_SMARTCARD_CSP_INFO, *PKERB_SMARTCARD_CSP_INFO;
2559
2560#endif
2561
2562 BOOLEAN WINAPI AuditComputeEffectivePolicyBySid(
2563 const PSID pSid,
2564 const GUID *pSubCategoryGuids,
2565 ULONG PolicyCount,
2566 PAUDIT_POLICY_INFORMATION *ppAuditPolicy
2567 );
2568
2569 VOID WINAPI AuditFree(
2570 PVOID Buffer
2571 );
2572
2573 BOOLEAN WINAPI AuditSetSystemPolicy(
2574 PCAUDIT_POLICY_INFORMATION pAuditPolicy,
2575 ULONG PolicyCount
2576 );
2577
2578 BOOLEAN WINAPI AuditQuerySystemPolicy(
2579 const GUID *pSubCategoryGuids,
2580 ULONG PolicyCount,
2581 PAUDIT_POLICY_INFORMATION *ppAuditPolicy
2582 );
2583
2584 BOOLEAN WINAPI AuditSetPerUserPolicy(
2585 const PSID pSid,
2586 PCAUDIT_POLICY_INFORMATION pAuditPolicy,
2587 ULONG PolicyCount
2588 );
2589
2590 BOOLEAN WINAPI AuditQueryPerUserPolicy(
2591 const PSID pSid,
2592 const GUID *pSubCategoryGuids,
2593 ULONG PolicyCount,
2594 PAUDIT_POLICY_INFORMATION *ppAuditPolicy
2595 );
2596
2597 BOOLEAN WINAPI AuditComputeEffectivePolicyByToken(
2598 HANDLE hTokenHandle,
2599 const GUID *pSubCategoryGuids,
2600 ULONG PolicyCount,
2601 PAUDIT_POLICY_INFORMATION *ppAuditPolicy
2602 );
2603
2604 BOOLEAN WINAPI AuditEnumerateCategories(
2605 GUID **ppAuditCategoriesArray,
2606 PULONG pCountReturned
2607 );
2608
2609 BOOLEAN WINAPI AuditEnumeratePerUserPolicy(
2610 PPOLICY_AUDIT_SID_ARRAY *ppAuditSidArray
2611 );
2612
2613 BOOLEAN WINAPI AuditEnumerateSubCategories(
2614 const GUID *pAuditCategoryGuid,
2615 BOOLEAN bRetrieveAllSubCategories,
2616 GUID **ppAuditSubCategoriesArray,
2617 PULONG pCountReturned
2618 );
2619
2620 BOOLEAN WINAPI AuditLookupCategoryGuidFromCategoryId(
2621 POLICY_AUDIT_EVENT_TYPE AuditCategoryId,
2622 GUID *pAuditCategoryGuid
2623 );
2624
2625 BOOLEAN WINAPI AuditQuerySecurity(
2626 SECURITY_INFORMATION SecurityInformation,
2627 PSECURITY_DESCRIPTOR *ppSecurityDescriptor
2628 );
2629
2630#define AuditLookupSubCategoryName __MINGW_NAME_AW(AuditLookupSubCategoryName)
2631#define AuditLookupCategoryName __MINGW_NAME_AW(AuditLookupCategoryName)
2632
2633 BOOLEAN WINAPI AuditLookupSubCategoryNameA(
2634 const GUID *pAuditSubCategoryGuid,
2635 LPSTR *ppszSubCategoryName
2636 );
2637
2638 BOOLEAN WINAPI AuditLookupSubCategoryNameW(
2639 const GUID *pAuditSubCategoryGuid,
2640 LPWSTR *ppszSubCategoryName
2641 );
2642
2643 BOOLEAN WINAPI AuditLookupCategoryNameA(
2644 const GUID *pAuditCategoryGuid,
2645 LPSTR *ppszCategoryName
2646 );
2647
2648 BOOLEAN WINAPI AuditLookupCategoryNameW(
2649 const GUID *pAuditCategoryGuid,
2650 LPWSTR *ppszCategoryName
2651 );
2652
2653 BOOLEAN WINAPI AuditLookupCategoryIdFromCategoryGuid(
2654 const GUID *pAuditCategoryGuid,
2655 PPOLICY_AUDIT_EVENT_TYPE pAuditCategoryId
2656 );
2657
2658 BOOLEAN WINAPI AuditSetSecurity(
2659 SECURITY_INFORMATION SecurityInformation,
2660 PSECURITY_DESCRIPTOR pSecurityDescriptor
2661 );
2662
2663 BOOLEAN NTAPI AuditSetGlobalSaclW(
2664 PCWSTR ObjectTypeName,
2665 PACL Acl
2666 );
2667
2668 BOOLEAN NTAPI AuditSetGlobalSaclA(
2669 PCSTR ObjectTypeName,
2670 PACL Acl
2671 );
2672
2673#define AuditSetGlobalSacl __MINGW_NAME_AW(AuditSetGlobalSacl)
2674
2675 BOOLEAN NTAPI AuditQueryGlobalSaclW(
2676 PCWSTR ObjectTypeName,
2677 PACL *Acl
2678 );
2679
2680 BOOLEAN NTAPI AuditQueryGlobalSaclA(
2681 PCSTR ObjectTypeName,
2682 PACL *Acl
2683 );
2684
2685#define AuditQueryGlobalSacl __MINGW_NAME_AW(AuditQueryGlobalSacl)
2686
2687#if _WIN32_WINNT >= 0x0601
2688
2689#define PKU2U_PACKAGE_NAME_A "pku2u"
2690#define PKU2U_PACKAGE_NAME L"pku2u"
2691#define PKU2U_PACKAGE_NAME_W PKU2U_PACKAGE_NAME
2692
2693 typedef struct _PKU2U_CERT_BLOB {
2694 ULONG CertOffset;
2695 USHORT CertLength;
2696 } PKU2U_CERT_BLOB, *PPKU2U_CERT_BLOB;
2697
2698#define PKU2U_CREDUI_CONTEXT_VERSION 0x4154414454524543
2699
2700 typedef struct _PKU2U_CREDUI_CONTEXT {
2701 ULONG64 Version;
2702 USHORT cbHeaderLength;
2703 ULONG cbStructureLength;
2704 USHORT CertArrayCount;
2705 ULONG CertArrayOffset;
2706 } PKU2U_CREDUI_CONTEXT, *PPKU2U_CREDUI_CONTEXT;
2707
2708 typedef enum _PKU2U_LOGON_SUBMIT_TYPE {
2709 Pku2uCertificateS4ULogon = 14,
2710 } PKU2U_LOGON_SUBMIT_TYPE, *PPKU2U_LOGON_SUBMIT_TYPE;
2711
2712 typedef struct _PKU2U_CERTIFICATE_S4U_LOGON {
2713 PKU2U_LOGON_SUBMIT_TYPE MessageType;
2714 ULONG Flags;
2715 UNICODE_STRING UserPrincipalName;
2716 UNICODE_STRING DomainName;
2717 ULONG CertificateLength;
2718 PUCHAR Certificate;
2719 } PKU2U_CERTIFICATE_S4U_LOGON, *PPKU2U_CERTIFICATE_S4U_LOGON;
2720
2721#endif
2722
2723#ifdef __cplusplus
2724}
2725#endif
2726#endif
Note: See TracBrowser for help on using the repository browser.